3 Steps to Combating Cybercriminals’ Attacks on Local Governments

city hall sign on building

In recent years, we've seen high-profile cyberattacks directed at national governments in service of a political agenda. Now, in an unfortunate but predictable development, hackers are targeting state and local governments, and their motives are purely about profit.

Texas was one of the latest victims. Hackers took over computer systems in 23 rural municipalities and demanded a ransom to restore access. None complied with the demand, but many still lost the ability to provide key civil services such as processing utility bills and retrieving birth certificates. Damage was unavoidable.

With so many bigger targets to prey on, why would hackers menace local governments? Ultimately, smaller targets are low-risk and high-reward. Think about it: Governments have massive amounts of sensitive data that could be sold or used to launch identity theft attacks. Local governments also have limited cybersecurity resources, making them easy targets.

In most instances of attacks on municipalities, ransomware attacks seem to be the most common. Although the advice usually given is to never pay the ransom, having key municipal services offline represents a very strong incentive to pay. In this post, we will show you how to avoid ransomware along with a host of other attacks specifically targeted at local governments.

Understanding What’s at Stake

Governments with limited resources need to understand what they’re up against if they’re going to use those resources effectively. The AppRiver “Cities Under Siege” report contains important insights about the scope of the threat right now.

Among the C-suite decision makers and IT experts who work for government offices with at least 250 people, 58% said cyberattacks were “prevalent” and 36% said they were “imminent.” Maybe most alarming, 75% said hackers have better offenses than their government offices have defenses. Civil servants clearly understand the scope of the problem, including that they’re largely defenseless against it.

What’s less understood is the full extent of the damage. Immediately, cyberattacks interrupt infrastructure and suspend services. If officials decide to pay a ransom, it creates a huge unexpected expense (not to mention there is no guarantee they will be able to recover their system). Even if they don’t pay, it can cost handsomely to fix IT issues. Over the long term, successful hacks can even erode confidence in institutions and effective governance. It’s not an exaggeration to suggest that persistent attacks on government can undermine faith in democracy itself.

Governments across the country are already discovering the complicated costs of cyber incidents. Tallahassee, Florida, had $500,000 diverted out of an account for employee payroll; Greenville, North Carolina, saw city services disrupted for weeks; Baltimore paid $18 million to fully recover from a ransomware attack; and Newark, Atlanta, and San Diego also faced hefty recovery bills. Far from being a remote risk or a minor cost, cyberattacks are a serious threat that all local governments need to keep on their radars.

The Cybersecurity All Governments Need

Ultimately, local governments need to adopt the same approach to cybersecurity as larger governments and major corporations. The scale will be different, but the underlying strategy will be the same:
 

  1. Use multi-layered defenses: Cyberattacks can take many forms and come from many sources. The only way to stop all (or even most) of them is by adopting a multi-layered defense. That means it can identify, block, and mitigate threats while also providing protection at both the network and endpoint levels. The specifics of cybersecurity will look different in every municipality, but they should always rely on multiple defenses deployed in different directions.
  2. Focus on weak points: If hackers encounter a little resistance, they will often move on to other targets, so it’s important to address the weak points they’re most likely to attack. Email is at the top of the list because social engineering can be used to entice users to click and start a ransomware attack. It is also an easy way for hackers to launch myriad other attacks. Protecting the inbox should involve a combination of encryption, sender authentication, threat filtering, and user training. 
  3. Engage the stakeholders: When companies need more money for cybersecurity, they go to executives. When governments need more, they must turn to constituents. Realistically, better security will involve bigger investment, and the community must be on board if that means raising taxes or diverting funds from other civil services. Make the case by highlighting the real consequences of cyberattacks and emphasizing that everyone, not just the government, suffers as a result. Frame it as a community priority rather than an administrative expense.

Complacency is your worst enemy. More than a few municipalities have concluded they’re too small, too remote, or too low-tech to be victims — and they are wrong. Instead of gambling on being overlooked by hackers, treat this issue like the inevitability it is. Cyberattacks are certainly coming. Whether they’re successful is up to you.