State and local governments are facing an increasing number of cyberattacks. In 2023, the FBI reported that government entities were the third most-targeted sector by ransomware, and a Center for Internet Security (CIS) study found that cyberattacks on them increased from 2022 to 2023. The study reported the following increases:
- Malware attacks: up by 148%
- Ransomware incidents: up by 51% during the first eight months of 2023 compared to the same period in 2022
- Non-malware cyberattacks: up by 37%
Recently, several Salesforce breaches involving Public Agencies have exposed PII and other critical internal data:
- Last year, the State of Vermont reported at least five separate Salesforce Community sites that allowed guest users access to sensitive information.
- National Health Service (NHS) Scotland was breached due to a Salesforce configuration error.
- In December 2021, a misconfiguration in Salesforce Health Cloud exposed sensitive patient and internal HSE data.
As at the federal level, state and local government cybersecurity is a major concern due to budget constraints, talent shortages, and growing cyber threats. While the specific threats may differ, governments at all levels require enhanced threat intelligence sharing and solutions to address the shortage of cybersecurity skills.
State and local governments are increasingly targeted by threat actors, especially ransomware operators, and smaller agencies are often more willing to pay to recover from an attack. Organizations that refuse to pay the ransom are likely to spend more on recovery than the attackers initially demanded. For example, the city of Baltimore spent nearly $18 million to recover from an infection after refusing a $78,000 ransom, and the New Orleans city government incurred costs of $7 million due to a ransomware attack in 2020.
Salesforce Applications in Public Agencies
Salesforce is a versatile SaaS platform that allows applications to be customized to the needs of various markets. One of these is the Public Agency market, which enables state-level agencies to offer services to their employees and constituents. These agencies can develop applications for licensing, fee requests, payments, renewals, benefits, case management, and other internal and external services and workflows.
Public Agencies use Salesforce to establish connections with citizens and deliver fast, impactful services. Developing applications can help agencies streamline their internal operations for greater efficiency. Much like private-sector users of Salesforce, the Public Agency market must meet the demands of its customers, in this case its citizens.
As in the private sector, Salesforce application development in the public sector faces challenges, particularly in addressing vulnerabilities introduced during the application creation process. Federal agencies have been observed to have a stronger cybersecurity posture than state agencies, largely due to their emphasis on intelligence sharing; many state and local organizations lack the robust cybersecurity measures, structure, and budget seen at the federal level. Enhancing cybersecurity at the state and local government levels therefore means improving cyber threat detection and prevention.
The Importance of Salesforce Application Security
Public Agencies may store highly sensitive Personally Identifiable Information (PII) and Electronic Health Records (EHR), both of which are routinely bought and sold in the underground economy. Business-critical applications for procurement and supply chain management are used within SLED (state, local, and education) agencies and should undergo regular security scans to detect and fix vulnerabilities such as misconfigurations and other issues that could be exploited.
Municipal networks typically consist of Internet, intranet, IoT, SCADA, and other nodes, which significantly expands the potential attack surface and gives cybercriminals more opportunities to exploit. Public Agency budgets are limited, and staff members may not always have sufficient time for cybersecurity training, making them more susceptible to social engineering tactics and attacks such as ransomware and phishing emails.
Cybersecurity and development teams must collaborate to identify code vulnerabilities that could lead to unauthorized access, exploitation, or breaches resulting in the exposure of sensitive information, data leaks, ransomware attacks, and other security incidents. During application development, vulnerabilities of varying risk levels will always be present. It is important to identify and understand these vulnerabilities in order to secure the applications, as even a single vulnerability can pose a serious threat to a Public Agency.
DigitSec is a comprehensive Salesforce code and config security scanning platform that is easy to use, delivers immediate value, and provides a positive business impact. DigitSec is an ideal solution for cybersecurity teams and developers to find security vulnerabilities, recommend corrective action before deployment, and enable faster delivery of secure applications. DigitSec offers best-in-class security scanning for Salesforce Core and is the only application security testing solution that addresses both Site Genesis and SFRA for Salesforce B2C. DigitSec is SOC 2 Type 2 compliant, following internal best practices of security controls, policies, and procedures.
To find out how Public Agencies can find, correct, and mitigate risk in their Salesforce application development, visit us at www.digitsec.com or email us at sales@digitsec.com.