Write Up:

Statewide, MoDOT maintains thousands of computer devices. Keeping those computers safe from outside threats is a 24-hour responsibility using the latest security measures.  

For the first quarter of fiscal year 2024, MoDOT received a total of 201 emails containing malicious content (links and/or attachments) that were delivered to user inboxes. Of those 201 delivered emails, there were eight total clicks on contained links or attachments by the recipients. Five of the eight clicks were blocked at the time of click, while the other three were permitted. Two of these incidents were phishing related where the primary goal was the theft of user credentials. The third incident was identified as a malware threat by a vendor with the group behind sending the email having the objective of deploying ransomware on MoDOT systems. All three incidents were resolved following standard IS incident response procedures. The average click rate for the quarter was 3.9% - a decrease of 5.7% from the previous quarter.
 
This is the first quarter since beginning the tracking of this metric that MoDOT has been targeted by more email campaigns with the objective of installing malware than by email campaigns with the objective of stealing credentials. Malware attacks will often exploit vulnerable software installed on a system or a vulnerable part of the system itself. With the department seeing these changes in attack trends involving more malware, everyone should remain cognizant to any communications shared by the IS Help Desk about the scheduling of updates for MoDOT devices. 

MoDOT continues to emphasize cybersecurity and provide training for all department computer users. The cybersecurity oversight team works to define areas of vulnerability and deploy solutions to address risk. In addition, MoDOT utilizes the Office of Administration’s network firewall services, endpoint cybersecurity detection and remediation services to provide increased cyber protection.
 

Purpose of the Measure:

This measure reports MoDOT's average click rate on malicious email links and attachments. Using this measure MoDOT can compare performance to previous quarters and make adjustments in security training program to reflect the observed trend.

Measurement and Data Collection:

The incident data for this measure is captured from MoDOT's e-mail security platform.
The target for this measure is zero clicks.