10 Data Stupid US Government Counties are Ransomware Ticking Time Bombs


Posted on September 30, 2020 by Benjamin Bressington


10 Data Stupid US Government Counties are Ransomware Ticking Time Bombs

529 US County Government Websites are less secure than a porn site.

It's safer to visit Pornhub.com then it is to visit your local county website. That's right you are less likely to be infected with malware or have your identity or money stolen by visiting a porn website then visiting your local county website.

Many US County services could be taken offline in less than 19 minutes. Exposing residents to identity theft and financial fraud without their knowledge. Basic misconfigurations are exposing local governments to cybercriminals make it a ticking timebomb for embezzlement, IP theft, and identity theft.

The cyberattack resiliency of many US Government Counties is embarrassing, for such critical services to be taken offline for less than $20.

The ChatFortress team recently completed an external cybersecurity audit of the 3,200 USA Counties. This audit was based on the domain name to highlight which counties are most vulnerable to attack using standard external security audit frameworks.

"The growth and sophistication of cybercriminals, ransomware, and hacker attacks have reached epic levels. We can no longer ignore it or foolishly think "that won't happen to us."

Our team found 336,873 leaked credentials for US County employees nationwide, via dark web scans. 32% of cyber-attacks are caused by using compromised accounts due to poor password management. Based on this dataset it would allow accounts to be compromised in less than 19 minutes.

The data from the 3,200 US Counties has been published as part of CybersecurityReportCard.org and can be accessed here: https://chatfortress.com/directory/government

Interactive Map with Nationwide Data

The purpose of this data is to start conversations about our cybersecurity risks and showcase that everyone is vulnerable to attacks. With most cyberattacks being caused by human error or misconfigurations. It's time to take 5 minutes to review our cybersecurity 101 and ensure the basics protected.

It's unfortunate that when these US Counties become victims of a preventable incident that thousands of people are impacted or exposed to further harm. We provide detailed reports on each US County vulnerability with a remediation plan at no cost.

There has been an increase in data breaches and ransomware attacks against government services and this is only expected to increase. Here are some recent attacks:

716 US County Website Vulnerable to DDoS Attacks

We are also seeing an increase in DDoS attacks against governments and schools. Either intentional or unintentional as part of protests. 716 US Counties fail to protect their websites using a $20/month WAF (Web Application Firewall) which would prevent DDoS attacks. The cost of recovery after a DDos attack on average is $120,000.

The question becomes when these counties fall victim to a cyber-attack by no fault of their own, are they being stupid…or just irresponsible?

2,965 US Counties Vulnerable to Email Impersonation and Financial Fraud

2,965 US Counties currently have DMAC issues. Opening their email systems to increased impersonation attacks or email phishing attacks. This makes it easier for hackers to impersonate the county and send fraudulent emails with emails or payments to residents. This basic misconfiguration can result in millions of dollars in financial fraud.

10 Worst US Counties for Cybersecurity

10 Worst US Counties for Cybersecurity

Each of these counties has over 1,000 leaked employee credentials. Compromised accounts mean that we can find a person's username and password to access websites online. This is part of the research step cybercriminals complete to access a person's system. They will log in with your own username and password to bypass detection. Understanding how you create your passwords also provides insight into how to crack your password.

What's the Solution?

It's clear there is a problem with data security but what's the solution and how can steps be taken to improve the cyberattack resiliency of an organization? ChatFortress is making available up to $20,000 per month in cybersecurity products and services for free under the Make 2020 Safe Again business grant. Companies can access up to $60,000 in services until Dec 30, 2020.

2020 has been a challenging year, protect your business against financial loss.

Don't let Embezzlement, Fraud, or Espionage destroy your business. ChatFortress is making available up to $60,000 PER Company in Cybersecurity Protection. This Business Grant applies to any company, charity, or educational institution in the USA and Canada.

Got Questions?

Schedule a time to speak to your cybersecurity consultant for free to help you understand your options. Or Email Help@ChatFortress.com and our team will respond to your questions.

Schedule a time now:



Gain the Hacker’s View of your Cybersecurity Risk in Seconds with your Free Cybersecurity Assessment!

Discover How Hackers Exploit Your Business… If you had a no cost quick and easy way to check the safety of your business from cyber-attacks, would you do it?

Helping Business Owners start conversations about their cybersecurity culture. Cybersecurity does not have to be like chasing Bigfoot. Quantify your cybersecurity risk and instantly understand your vulnerabilities with ChatFortress Cybersecurity Report Cards.

Cybersecurity Report Card Logo - cybersecurity assessment

Discover Your Cybersecurity Risk in Minutes for FREE!

Nothing to Install, Nothing to Download, Anyone Can Do It!

Enter a website URL below to claim your report card instantly!

Your Cybersecurity Report Card will be automatically generated within seconds... tell us your website URL and let us amaze you!

Who is ChatFortress

ChatFortress is a leading cybersecurity company helping business owners protect their assets from cybercriminals. We provide companies with access to the latest technologies, social engineering and human behavioral strategies, and user education to create a proactive cybersecurity culture. Helping you fortify your business against cyberattacks.

Detect and Remove BAD Emails in 3 Seconds!

ChatFortress Email Guardian is the Ultimate Anti-phishing Program as it Detects and Mitgates Email Phishing Attacks in 3 seconds using A.i Real-Time Inbox Scanning for Phishing Prevention!

How secure it your website?

Search
Cybersecurity Resources

Talk to Us

Reduce your cybersecurity risk and exposure. Schedule time with your ChatFortress Specialist now
or Call 307-999-7755

commoncybersecuritymistakes
Cybersecurity Education Links

Common Cybersecurity Mistakes and how you can protect yourself and your business from liability and financial loss! Instant Webinar Access!

Schedule Your Free Cybersecurity Risk Assessment Click Here to Schedule Call

Discover current hacker trends to steal your data and how you can protect yourself in 7 day FREE Email Cybersecurity crash course

Here are the 8 common types of email phishing attacks that hackers use to steal your identity. Are you protected?

Protect your business from hackersCrash Coursesmall business cybersecurity protectionHackerssmall business cybersecurity protection8typesofemailphishingscamssmall business cybersecurity protectionCMMC Compliance Check ListCybersecurity For Business