Tasked with directing vital services, managing critical infrastructure, and responding to the needs of a demanding constituency, municipalities face a barrage of risks and resilience issues and that was before taking cyber threats into accounts.
Expected to maintain and sustain the health, education, and countless other vital sectors which keep our communities operating, municipalities have become the focal point of state-sponsored hackers and cybercriminals seeking big payoffs and even larger media coverage to support their malicious enterprises.
Faced with the responsibility to manage and maintain diverse sectors with even more divergent security demands municipalities serve as the outward-facing storehouses of private data, essential to the daily operation of cities and towns across the globe. Much like MSP (Managed Service Provider), who act as the facilitators of IT services to larger operations, municipal governments act as the critical interlockers between end consumers, private citizens, and the critical infrastructure they require.
Municipalities are under attack.
Recent research by Barracuda Networks indicates that 44% of global ransomware attacks in 2020 targeted municipalities. With nearly half of all ransomware attacks targeting municipalities, one would hope there would be a coordinated push towards enhancing cyber preparedness, but recent studies have indicated that while the risks remain high, the appetite and budgets to mitigate them remain lacking.
According to a study conducted by the National Association of State Information Officers (NASCIO), nearly “ 50% of states do not have a committed cybersecurity line-item budget. Even more concerning is the fact that 37% of states have seen a reduction in funding or no change at all. The lack of reoccurring funding translates to municipal networks and computers being put at risk to increasing cyber threats.”
While the media cycle has recently focused on the vast risks and even bigger vulnerabilities for municipalities, history indicates that these have been growing and persistent risks to local governments for decades.
Why are municipalities being targeted?
Standing at the intersection of vast consumer data and vulnerable yet poorly managed ‘secure networks’, municipalities are the ideal target for cybercriminals aiming for the quintessential low-hanging fruit of the data universe. As the gatekeepers for voter records, tax information, social security numbers as well as essential access information to the full range of critical infrastructure managed in the municipality’s workload, it is of little surprise that they have become a focal point of cyber-attacks.
Complicating the matter exponentially is that “by law, the government must be transparent, while the open government has made access to public records and information easier for citizens, it has also made it easier for cybercriminals to exploit public systems that contain sensitive information. Because local governments maintain sensitive personally identifiable information, they have a fiduciary duty to safeguard that information.”
What is the cost for municipality?
A recent report titled “The Economic Impact of Cyber Attacks on Municipalities” found
- The average cybersecurity breach costs states between $665,000 to $40.53 million, with a median cost varying from $60,000 to as high as $1.87 million.
- The average ransom amount demanded by cybercriminals from 2013-2020 was $835,758.33 (USD).
- 60% of states either have “voluntary” or no cybersecurity training programs at all.
- 2% of attacks in state government are targeted towards cities and local schools across the nation.”
How are municipalities being attacked?
Far and away the biggest cyber threat faced by municipalities today is ransomware, where local governments are denied access to their files, computers, or various secure data until an often-egregious ransom is paid. Hackers are rapidly adjusting their tactics to impart the greatest financial damage by utilizing processes such as brute force attacks and credential stuffing which are overtaking phishing emails as the leading methods for distributing ransomware to vulnerable targets.
Hackers begin their path of destruction by obtaining user’s credentials, compromising their passwords, often through file-based attacks. “The connections are straightforward: credential stuffing and password spraying are successful because of systemic password re-use. This leads to many compromised credentials, which in turn, allows the soaring frequency of ransomware attacks.”
What can be done moving forward?
Mitigating cyber risk for municipalities can be as simple as focusing on password and email security, applying systems patches, securing self- service citizens portal from malicious uploads and improving employee education or as involved as reshaping the organizations’ security posture from the top down. Implementing easy wins such as ensuring that all updates are applied or limiting system admins can significantly reduce the risk of human error. While listening to the concerns of informed partners, monitoring industry best practices, and bringing in new technologies and critical approaches to understanding cyber risk require more time in implementation, in the long term the rewards more than justify the costs.
This article originally appeared on Forbes.com