To provide feedback on the Community Policing Dispatch, e-mail the editorial board at CPDispatch@usdoj.gov.
U.S. Department of Justice
Office of Community Oriented Policing Services
Cybercriminals are a growing threat to government and law enforcement—holding municipal and police department internet systems hostage for ransom, stealing valuable information, and endangering public safety.
Law enforcement agencies are a target for hackers, especially hackers interested in stealing or compromising data, and some departments are especially vulnerable because of outdated technology or inadequate training. Stopping these criminals isn’t easy, but there are ways to increase security and minimize risks.
In addition to searching for the identities of witnesses and other critical policing data, cybercrooks can tamper with evidence storage systems and spoof email accounts of vendors and government agencies, sending fraudulent emails requesting wire transfer payments and employee W-2 information. They can even lock down the department’s entire system in a ransomware attack.
But chasing these bad guys is virtually impossible, because they themselves are virtual—invisible and often far from their victims, possibly on the other side of the world, posing daunting technological as well as jurisdictional challenges. These challenges mean adequate prevention is more important than any response.
The front line of data security is high-quality technology: enterprise-level antivirus and anti-malware software, upgraded regularly, with a centralized dashboard of all devices and notification capabilities. But even with the best software or programs, hackers can still get in.
As Mark Gowen, the Information Systems Security Officer for the COPS Office, says, “There is no such thing as 100 percent safety from cybercrime. You must always be on the lookout for threats. What’s most important is an up-to-date system and a culture of cybersecurity, ensuring that all your people are well aware of the threats and what they must do to protect themselves and the department.”
Gowen maintains that delegating the right person to be responsible for this is critical. “Cybercrime is an ever-evolving threat, and an agency can’t keep ahead to adequately protect themselves without somebody dedicated to the task,” he says.
An information security manager will require professional training to effectively manage security and train others in the department, Gowen adds. “But the cost of prevention is far less than the cost of recovery, financial and otherwise.”
There are a number of sources for training, including the following:
But there are also behavioral modifications that can increase departmental security. Everyone must protect and update passwords; shred confidential documents; and be vigilant about their laptops, cameras, and USB drives.
The most effective way to protect against this is Multifactor Authentication (MFA), a two- or more-step authentication process, in which users must provide a special code or use a passkey or card in addition to their password.
Most important, all personnel must immediately report any suspected malware intrusions or breaches of security—even if they aren’t sure but just think something doesn’t seem right. To help your people respond, provide guidelines on how to recognize and respond to threats.
Gowen recommends testing personnel by sending everyone fake emails that look real. Those who open them and click on links or attachments get a warning not to open emails from unverified senders.
Electronic threats most often come as malicious software, or malware, which can infect computers and networks. Malware can be detected in several ways. Your computer’s operating system may slow down so that it takes longer than usual to perform basic actions. Or your web browser’s behavior may change. Popups that keep appearing and can’t be closed are another sign.
Be especially wary of popups warning of security threats, as these may be ploys to trick you into downloading malicious software. Avoid clicking to close them. Instead, close them from the system tray area or Windows taskbar with a right mouse click.
Phishing is the most common way thieves access sensitive information and infect computer systems. These scams often come as emails and social media contacts designed to lure you into clicking links or visiting fake websites that contain malware.
Phishing scams are often presented as urgent requests with dire consequences for not replying by clicking the included link. Typically, they appear to come from corporations rather than specific people at the company and use either no salutation or a generic one like “officer” or “employee.” To see the true destination for the link, hold your cursor over the URL.
In a watering hole attack, the perpetrator infects a frequently visited website with malware to gain access to the victim’s network. Unsuspecting visitors may download the malware or offer personal information to the attacker without knowing it. Spoofers send emails in the name of an individual, company, or institution known to the victim.
If a hacker is successful in locking down or compromising your network, a backup system and recovery plan can provide the ability to quickly restore the department’s operating system and all of its data. If there is a recovery system and plan already in place, the designated IT person can react quickly.
The threats are numerous and varied, and these criminals are technologically savvy. Police departments and sheriffs’ offices should expect to be attacked at some time; but as in all effective crime fighting strategies, being prepared, vigilant, and well-armed—in this case, with strong security practices—is your best defense.
Sr. Technical Writer