Winston-Salem Strengthens Cybersecurity After December 2024 Cyberattack
On December 26, 2024, Winston-Salem city officials detected a cyberattack targeting municipal systems. The city responded immediately, working with state and federal agencies to investigate the incident. Authorities confirmed that an unauthorized actor accessed certain systems and exfiltrated specific data without permission.
A comprehensive review, supported by data specialists, was conducted to assess the scope of the breach and identify affected individuals. In response, the city’s IT department implemented enhanced security measures, including:
- Deployment of advanced security tools across desktops, mobile devices, servers, applications, and networks.
- Collaboration with technical teams from the Winston-Salem Police Department, Utilities, and Department of Transportation.
- Stricter password protocols and the elimination of shared accounts.
- Introduction of a privileged access management tool.
- Mandatory cybersecurity training for all employees, focusing on phishing and scam prevention.
City leaders stated that all systems and data are now secure, with defenses strengthened beyond pre-attack levels. The incident underscores the ongoing risks faced by local governments and the importance of proactive cybersecurity measures.
Source: https://www.wxii12.com/article/winston-salem-cyber-security-update/70271870
City of Winston-Salem cybersecurity rating report: https://www.rankiteo.com/company/city-of-winston-salem
"id": "CIT1770414736",
"linkid": "city-of-winston-salem",
"type": "Cyber Attack",
"date": "12/2024",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Municipal Services',
'location': 'Winston-Salem, North Carolina, USA',
'name': 'City of Winston-Salem',
'type': 'Government'}],
'data_breach': {'data_exfiltration': 'Yes'},
'date_detected': '2024-12-26',
'description': 'On December 26, 2024, Winston-Salem city officials detected a '
'cyberattack targeting municipal systems. An unauthorized '
'actor accessed certain systems and exfiltrated specific data '
'without permission. The city responded immediately with '
'enhanced security measures.',
'impact': {'data_compromised': 'Specific data exfiltrated',
'systems_affected': 'Municipal systems'},
'investigation_status': 'Ongoing',
'lessons_learned': 'The incident underscores the ongoing risks faced by local '
'governments and the importance of proactive cybersecurity '
'measures.',
'post_incident_analysis': {'corrective_actions': 'Enhanced security tools, '
'stricter password '
'protocols, privileged '
'access management, '
'cybersecurity training'},
'references': [{'source': 'City of Winston-Salem Official Statement'}],
'response': {'containment_measures': 'Deployment of advanced security tools, '
'collaboration with technical teams',
'incident_response_plan_activated': 'Yes',
'recovery_measures': 'All systems and data secured, defenses '
'strengthened beyond pre-attack levels',
'remediation_measures': 'Stricter password protocols, '
'elimination of shared accounts, '
'introduction of privileged access '
'management tool, mandatory '
'cybersecurity training',
'third_party_assistance': 'State and federal agencies, data '
'specialists'},
'title': 'Winston-Salem Cyberattack',
'type': 'Cyberattack'}