ICMA is alerting members to a possible cybersecurity risk so that their local governments can take appropriate action if need be.
Specifically, the U.S. Department of Homeland Security (DHS) has identified “security products, solutions, and services” from AO Kaspersky Lab and related entities as posing a security risk. The reason is possible ties between some Kaspersky officials and Russian intelligence agencies, plus Russian laws that may compel Kaspersky to provide access to communications transiting Russian networks.
DHS particularly singled out anti-virus products, which “provide broad access to files and elevated privileges on the computers on which the software is installed, which can be exploited by malicious cyber actors to compromise those information systems.”
Accordingly, DHS has asked federal Executive Branch departments and agencies to identify and make provisional plans to remove any such software on a short timetable while DHS seeks a response to its concerns from Kaspersky. Read the full DHS news release.
Local governments that use these products may wish to take similar precautions.
ICMA has published a number of articles and blog posts that describe ransomware and other cyberattacks, explain vulnerabilities and risks, and provide advice for securing systems and preventing breaches. Here are some key resources; also browse the Cybersecurity topic on the ICMA website:
- De-Mystifying Cybersecurity. A town administrator from a small community and an enterprise information security official from a large county offer perspectives on the risks, approaches, and challenges of today’s cyber environment.
- Ransomware Attack! Making the Hard Decisions. A first-person account of an attack on a city’s computers.
- Cybersecurity: What’s Your Risk? Six questions managers should ask.
- Local Government Guide to Cybersecurity. Guidance for local appointed and elected officials.
- Cyber Disruption Response Planning Guide. Resources provided by the National Association of State Chief Information Officers (NASCIO), equally useful at the local level.
- How You Can Protect Your Community from Getting Cyber Hacked. See the quick reference checklist for cybersecurity tasks.
- Cyber Disruption Response Planning Checklist. An expanded checklist is drawn from the NASCIO guide.