The URL can be used to link to this page

Home My WebLink AboutIR 10127 INFORMAL REPORT TO CITY COUNCIL MEMBERS No. 10127 To the Mayor and Members of the City Council April 10, 2018 r� Page 1 of 1 �i �i7 Y *a SUBJECT: PREVENTION OF CYBER ATTACKS #qrF rn Y g 7'.L The City of Atlanta recently suffered a cyber attack which forced 8,000 employees to shut down computers for five days. This attack did not affect 911 or treatment facilities, but it did cripple vital government services from courts to recreation and leisure. Payments for traffic fines and water utility bills were also affected. Similar attacks were reported by governmental agencies across the country. Colorado Department of Transportation was hit on two consecutive weeks. Baltimore 911 system was crippled for 17 hours. These attacks were carried out using ransomware. When ransomware enters a network, it encrypts files with an unknown encryption key. The attacker then demands a ransom payment to provide the key to decrypt the files. Ransomware can be spread using many different techniques: malicious email attachments, servers that are exposed to the internet, and downloads from untrusted websites. Once inside the network, the ransomware can spread throughout the network encrypting files and crashing servers. The City of Fort Worth takes measures to prevent these types of attacks by requiring elevated privileges for loading software, limiting the number of employees with elevated privileges, and by employing advanced detection and blocking systems on the network. Systems are further protected by promptly installing software patches from the vendors who provide our software such as Microsoft. Unpatched systems are the number one way that these remote attackers are able to compromise computing systems. The City also conducts cyber security awareness training for all employees with annual refresher training so that all employees help keep computing systems secure. In the briefing on cyber security to Council on February 13th , 2018, Kevin Gunn outlined FY18 efforts to improve the City's capabilities to prevent cyber attacks and respond to evolving threats such as ransomware. The May 1St Council agenda will include a request to approve advanced anti-virus/anti-malware software from Crowdstike which will improve protection for all City laptops, desktops, and servers. This software can prevent cyber attacks against desktop computers by monitoring the software behavior. Monitoring behavior is more effective at preventing attacks than current software which relies on virus signatures. Monitoring behavior can prevent an attack even if the attack has never been employed anywhere else on the Internet. The IT Solutions Department (ITS) is continually assessing and improving the cyber security programs and deploying leading edge security to safeguard information and computing systems vital to City operations. ITS monitors trends and adjusts the security program as necessary to keep Fort Worth at the forefront. The Department will continue to keep Council updated on these activities. If you have any questions, please call Kevin Gunn, Chief Technology Officer, at 817-392-2015. David Cooke City Manager ISSUED BY THE CITY MANAGER FORT WORTH, TEXAS