CHAMPAIGN, Ill. (WCIA) — The IT Department will outline its ongoing cyber security efforts at a city council meeting Tuesday night.
The City of Champaign has increased its cyber security throughout the last several years by:
- Setting up a firewall to control network traffic flows both inside and outside the city’s network.
- Installing software that requires devices to be registered before being granted access to Champaign’s network resources.
- Joining the Multi-State Information Sharing and Analysis Center (MS-ISAC), a grant that is funded by the Department of Homeland Security. The program operates on local, state, tribal and territorial government-levels.
- Updating all computers with anti-virus protections and encouraging employees to power down their computers every night.
- Using Microsoft’s Advanced Threat Protection program, which combs through all emails and attachments for suspicious content and blocks questionable emails.
- Training city employees to recognize phishing campaigns.
“These are all efforts to basically block attacks, be it ransomware or malware, before they get to us,” IT Director Mark Toalson said.
Toalson said efforts to train staff began in May 2018. He called that one of the most important initiatives.
“The weakest links are the users themselves,” Toalson said. “You get a spam email, you’re not sure what to do and you clink on a link and that’s all it takes.”
Toalson said the top targets for fake “spoofing” emails are the mayor and city manager.
“The problem is an employee gets an email from the mayor or city manager and thinks, ‘Oh, I’ve got to respond quickly,’ and it gets their attention,” Toalson said.
The IT Department has budgeted $1,139,062.34 for “maintenance contracts” in the 2019 Fiscal Year. The city also has insurance coverage up to $5,000,000 per incident.