Cybersecurity for local authorities: growing challenges and necessary responses

Cybersecurity

 

Cyber security is now a major concern for French local authorities. In recent years, they have become a prime target for cybercriminals. According to the government’s latest study on the maturity of local authorities in terms of cyber security, ‘1 in 10 local authorities say they have been the victim of one or more cyber attacks in the last 12 months’. And the consequences of attacks can be dramatic for public services and citizens. What are the challenges facing local authorities in this area? How can they strengthen their resilience to cyber attacks?

The rise in cyber attacks against local authorities

 

Local authorities have never been so exposed to the threat of cybercrime. According to a recent report published by the Banque des Territoires, computer attacks targeting local authorities are on the rise again in a worrying way. Despite a relative drop in ransomware attacks in 2023, with 40 incidents representing 22% of the incidents handled by ANSSI between January 2022 and June 2023, local authorities remain highly exposed to these threats due to their chronic lack of resources dedicated to cyber security.

Ransomware, malicious software that encrypts data and demands a ransom, remains particularly destructive for local authorities. The financial and operational damage can quickly reach considerable sums, not to mention the loss of public confidence.

Read also: Cybersecurity report 2024 and outlook for 2025: what are the trends?

The Senate launches a targeted legislative response

 

In response to this alarming situation, the French Senate has decided to explicitly include support for local authorities in terms of cyber security in a new legislative text. The aim is to strengthen the support provided to local authorities in terms of preventing, assisting and managing cyber attacks.

The legislation includes measures to facilitate local authorities’ access to technical and financial resources, thereby strengthening their resilience in the face of the cyber threat. The parliamentarians’ stated aim is clear: to create an environment conducive to greater cyber security at local level, through training, support and closer collaboration with specialist bodies such as the “Agence nationale de la sécurité des systèmes d’information” (ANSSI).

The Senate has clarified precisely which public bodies are covered by this directive. All major local authorities are included, but agglomeration communities that do not include at least one municipality with a population of more than 30,000 have been excluded from the scope of essential entities, in line with the position defended by the Association of French Mayors (AMF). The text also specifies the economic sectors concerned, in particular heating and cooling networks, hydrogen and wastewater treatment.

Local authorities: a weak link despite growing awareness

 

Awareness is certainly growing among local authorities, but there is still a long way to go. According to the Banque des Territoires report, inadequate training, a lack of in-house expertise and often restricted budgets make local authorities particularly vulnerable.

What’s more, local authorities are having to deal with the digital transformation of their services, which further increases their exposure to cyber attacks.

Smaller authorities are particularly vulnerable because of their limited resources. Cyber criminals exploit these weaknesses to gain access to sensitive data, disrupt essential services or extort funds.

Yet few are aware of the danger: according to a study conducted by Cybermalveillance.gouv.fr, the assistance platform for victims of attacks, 65% of local authorities with fewer than 3,500 inhabitants think that the cyber risk is low or even non-existent, or do not know how to assess it.

‘We note that the gap is widening between the smallest local authorities, which still think that they cannot be potential victims, and those with more than 1,000 inhabitants, which are stepping up their efforts. More than ever, therefore, it is necessary for the subject of cyber security to become everyone’s business, and for local authorities of all sizes to continue to be made aware of the issue so that they can take the necessary measures to protect themselves in the best possible way.

The importance of prevention

 

Faced with these challenges, prevention is the best strategy. Raising awareness, training and equipping public servants and local councillors has become essential. Implementing strict IT security policies and raising awareness can significantly reduce the risk of successful attacks.

It is becoming essential to implement technical solutions tailored to these specific environments. For example, the use of tools to secure information exchanges, protect internal networks and prevent the introduction of malicious software is becoming essential.

Among the practical solutions available to local authorities, decontamination of USB peripherals remains one of the most effective. USB sticks are one of the main points of entry for malicious software into local authority information systems.

Tyrex Cyber offers an innovative and particularly effective USB decontamination solution. By installing decontamination terminals, civil servants and elected representatives can analyse and clean their removable peripherals before plugging them into their local authority’s IT network. In this way, they are protected against a wide range of malware.

Are you a local authority looking to strengthen your cyber security? Discover the Tyrex Cyber solution today and protect your infrastructure for the long term.

Take contact with our experts!

ÇA VOUS INTÉRESSERA

AI malware: understanding and preventing these new threats

AI malware: understanding and preventing these new threats

  Artificial intelligence (AI) continues to revolutionise our daily lives, whether in healthcare, industry or leisure. However, like any powerful technology, it is not immune to being misused for malicious purposes. Among these pernicious uses, the creation of...

Ransomware in the workplace: what to do?

Ransomware in the workplace: what to do?

  59% of French companies say they will have been the victim of a ransomware attack in 2023. This figure shows just how much of a threat ransomware represents for organizations. Faced with this cybersecurity challenge, how can you put measures in place to guard...

Industrial cyber security: how can it be strengthened?

Industrial cyber security: how can it be strengthened?

  Cybersecurity in the industrial sector is now more important than ever. According to a study conducted by Wavestone for the 2022 and 2025 Industry 4.0 Barometer, 33% of industrial companies have already suffered damage as a result of a cyber attack, and 84%...

4 legendary cyber attacks that made a lasting impression

4 legendary cyber attacks that made a lasting impression

  A cyber attack takes place every 39 seconds around the world[1]. While many go unnoticed by the general public, others have left their mark on the history books. Here are 4 legendary cyber attacks that should convince you to protect your IT systems! Stuxnet:...

Cyberattacks in hospitals: a growing threat

Cyberattacks in hospitals: a growing threat

  Cyber attacks on hospitals are becoming increasingly frequent. They jeopardize patients' access to care. As Frédéric Jallat, Professor of Marketing and Director of the "Biopharmaceutical Management" Master's program at ESCP Business School, points out, "the...

USB key cyber infection: 5 tips to prevent it

USB key cyber infection: 5 tips to prevent it

  Today, cybersecurity is one of the main challenges companies face. And removable media such as USB keys represent a preferred attack vector for cybercriminals to infiltrate corporate networks. In fact, 37% of cyber threats have been specifically designed to...

What is the purpose of a USB decontamination station?

What is the purpose of a USB decontamination station?

  Cyber attacks are becoming more and more frequent, and they are costing businesses dearly. According to a study by the consultancy firm Asterès, based on an examination of 385,000 cyber attacks in France in 2022, the average cost to companies and organisations...

What are the main categories of malware?

What are the main categories of malware?

Malicious software, or malware, is any program designed to damage or perform unauthorized actions on a user's computer system. Here's an overview of the most common types of malware and how to protect yourself against them. Main categories of malware Viruses Among the...

Cybersecurity: 5 Key Actions for Businesses and Local Authorities

Cybersecurity: 5 Key Actions for Businesses and Local Authorities

Cybersecurity: the Right Thing to Do for Businesses and Public Authorities While 54% of businesses suffered at least one cyber attack in 2021, cybersecurity is no longer an option but a necessity. These frequent incidents can have devastating consequences for...

RETROUVEZ NOS autres ARTICLES DE LA MÊME CATÉGORIE

CONTACT US!

2 RUE DU 19 MARS 1962
92 110 CLICHY – FRANCE

+33 (0)1 74 90 39 00

CONTACT@TYREX-CYBER.COM