Protecting law enforcement agencies from cyberattacks

By Robert Hayes

November 25, 2015

Law enforcement agencies around the globe are increasingly falling victim to a diverse range of cyberattacks. Attackers with differing motives have defaced police department websites, used denial of service attacks to disrupt policing operations, stolen personal information about police officers and staff, and even encrypted police records, successfully demanding a ransom in bitcoins to decrypt the files.

Whilst attacks such as these have been increasing both in terms of frequency and scale, few police departments have adequately considered these issues, let alone put into place robust contingency plans. The consequences can be significant — to the law enforcement agencies concerned, the personnel who work for them, and the communities they serve.

Microsoft offers a comprehensive cybersecurity framework designed to help law enforcement agencies protect themselves against cyberattacks. If an attack does occur, Microsoft tools will enable the agency to quickly detect the attack, and respond appropriately, ultimately helping organizations to recover quickly and ensure that they’re less vulnerable the next time around. Here’s a look at the four elements that make up our framework:

Protection: At Microsoft, we not only build security into all of our products and services, with each generation offering a higher level of security, but can advise agencies on how to use them for optimum security. This, in turn, helps to achieve greater protection, decreasing the likelihood that law enforcement agencies will be compromised by an attack.
Detection: Today, it takes organizations an average of 200 days to detect that a cyberattack has occurred. That’s over six months that an attacker has potentially unrestricted access to a law enforcement agency’s infrastructure and data. Microsoft offers a thorough set of monitoring and threat detection tools that will help agencies detect an attack or malicious behavior before the attacker can gain a foothold into their infrastructure.
Response: Once an attack is detected, Microsoft can help agencies to respond immediately by getting the attacker out of the network, while quickly understanding and repairing the damage that ensued.
Recovery: Microsoft also can assist agencies to produce and implement a strategic recovery plan with effective contingency plans, tools, and policies, which can significantly reduce the risk of further attacks.

These four elements of the Microsoft cybersecurity framework—protection, detection, response, and recovery—form a dynamic process. As new threats emerge, law enforcement agencies must stay on top of the changing landscape. And it’s reassuring to know that Microsoft is working alongside them, continually improving our cybersecurity strategies to deliver the best protection to our customers.

To learn more about our approach to cybersecurity, please see the Microsoft Cybersecurity website.