As cybercrime increases, local governments face uphill battle in hardening digital defenses

What would a small community do if its school district’s network was attacked by ransomware? What about if a municipally managed wastewater treatment plant in a rural county was shut down by a digital onslaught initiated by organized cybercriminals operating a continent away? 

With cyberthreats increasingly targeting municipal frameworks, these are the types of questions that constituents should be asking—and ones that local administrators should be prepared to answer.  

You’re talking about tens of millions of dollars being raised from these crimes. It’s become a big business,” said Bert Kashyap, CEO of the cybersecurity firm SecureW2, which advises local governments on cybersecurity. 

Two decades ago, when Kashyap entered the industry, hackers “were playing around with malware, it was less of an organized crime type of thing. Now, it’s definitely gotten to the point where there are nation states protecting these folks, and cyber gangs are basically forming syndicates,” Kashyap said. 

Last year, for example, American government organizations were targeted by nearly 80 ransomware attacks, potentially impacting 71 million people, according to a report from the consumer tech information site Comparitech.  

Recently, the Allen Independent School District in Texas was targeted with ransomware. The district refused to pay, according to reports, and parents of children in the school system have since received threatening emails warning their student’s private information will be released if the district doesn’t change course. And on Thursday, the cybersecurity firm Mandiant issued a report detailing how “an aggressive, financially motivated threat actor” that goes by FIN12 is specifically targeting “critical care functions. Almost 20 percent of directly observed FIN12 victims were in the health care industry.” 

Faced with this rapidly emerging threat, Kashyap says most of the administrators he’s talked to and advised say they’re not prepared. 

“Everyone from school district (managers) to other local officials tell us they’re concerned,” he said. “Especially with the ransomware threats, when you have a situation (that) potentially could take days if not weeks to restore all of your data, these are real things that are keeping local government leaders up at night. No. They themselves tell us they’re not adequately prepared.” 

Given the scope and sophistication of this new threat, local administrators face an uphill battle in building adequate cyber defenses. In this effort, Kashyap outlined three distinct hurdles, as he sees them, faced by municipalities: “There’s an information gap; there’s a skills gap; there’s a funding gap.” 

Compounding everything, because it’s a relatively new threat for cities and counties, most municipal leaders “are not well versed in this area. Since we talk to a lot of folks who manage the technology, they understand what’s at stake and what’s scary about it,” Kashyap said. “But they haven’t gotten enough visibility at the most senior levels, and when they do, they don’t have enough attention.” 

To read the complete article, visit American City & County.