What’s the biggest challenge local and regional governments and municipalities face when it comes to IT? Increasingly, it’s cybersecurity, which has become a daily challenge for small governments across the United States.
Learn more about the cybersecurity challenges that small local and regional governments are facing on today’s blog.
According to a 2018 GovTech survey of local and regional governments, nearly half – 44 percent – of respondents surveyed stated that they experience cyber attacks on at least a daily basis.
- 27 percent responded that they experienced cyber attacks at least hourly.
- 23 percent responded that they experienced cyber attacks less than daily.
- Most shocking, 29 percent of local and regional government survey respondents did not know how often they were being attacked.
GovTech also stated that 53 percent of local and regional governments that participated in a recent University of Maryland survey did not catalog or keep track of attacks against their organization.
This is a problem that appears to be getting worse, rather than better. According to the GovTech survey, nearly 70 percent of local governments surveyed stated that they were experiencing the same number or more of cyber attacks as compared to the previous year.
Wave of Attacks Against Small Government Entities
In fact, throughout Spring of 2019, local and regional governments and municipalities have been hit by an “online crime wave” of cyber attacks, according to CSO Online. In April alone, a few of the government entities hit included:
- City of Greenville, South Carolina –
- Imperial County, California
- City of Stuart, Florida
- Augusta, Maine
- Cleveland Hopkins International Airport, Ohio
The ransoms and recovery costs of these recent attacks were also considerably higher than in past years. Riviera Beach, Florida paid $600,000 to recover breached data in an attack that shut down email, 911 computer records and water utility record keeping. Lake City, Florida agreed to pay a $460,000 ransom to recover 1,642 Terabytes of data in a ransomware attack that took down email, phones and resulted in loss of over 100 years of city records.
These incidents could be just the tip of the iceberg when it comes to the cyber threats facing local governments and municipalities. Small regional governments such as counties, cities and towns, are being viewed by cyber criminals as potentially lucrative “soft targets” due to weak security protocols and lack of effective response strategies and prevention efforts.
Response is a Key Issue for Local and Regional Governments
The New York Times recently highlighted the challenges regional and local governments face when dealing with these kinds of threats. Among the biggest challenges? Knowing how to respond when cyber attacks occur.
According to the Times, local governments are divided when it comes to determining how to respond to cyber threats, particularly ransomware attacks. One school of thought says that when an organization is victim of a ransomware attack, it should under no circumstances pay the attackers’ ransom demands. Another says that it could be cheaper to pay, in the long run.
This second school of thought seems to be gaining ground in the light of a cyber attack that hit the City of Baltimore in 2018. In responding to that attack, city officials opted against paying the attackers’ $75,000 ransom demand. In response, the attackers deleted the data in question. The cost to recover that data is estimated to exceed $10 million dollars – a high price to pay for standing on principle.
So what should local and regional governments do to reduce their risk? The answer in brief is to focus on preparation, prevention and response. We’ll cover these three elements of cybersecurity for local and regional governments in Part II of this article series next week.
Tolar Systems is a recognized leader in providing cybersecurity protection for local government entities across Central and West Texas. Contact Tolar Systems today if you need help preventing your organization from being victim to the online crime wave.