When the computers of the city of Lodi got hit by a ransomware attack last April, the strike disabled phone lines, forced police officers to write reports by hand and prevented workers from sending out utility bills.
City officials refused to pay the ransom of 75 bitcoins — about $400,000 — and instead turned to their cyber insurance company, which sent in a legal team and security experts to investigate and help return the system to normal.
“It took a lot of our energy and ended up consuming a great deal of time,” recalled City Manager Steve Schwabauer. “We ultimately filed a claim of about $250,000, and it’s not fully closed yet.”
State legislators later gave Lodi, a city of about 67,000, a half-million-dollar grant to upgrade cybersecurity.
As cybercriminals increase their attacks against local governments — hundreds of municipalities and county agencies were hit in the past two years — some states are helping cities and counties better protect themselves.
States have offered election cybersecurity, responses to ransomware attacks that take computer systems hostage, training and other programs, according to a recent report by the National Governors Association and the National Association of State Chief Information Officers.
“It’s the right thing to do,” said Meredith Ward, the latter group’s policy and research director. “Cybersecurity is a team sport. States and local government and the private sector all have a role to play.”
But while 65 percent of states report that they provide some cybersecurity services to local governments, the scope varies widely. And other states aren't doing anything to help, saying they don’t have jurisdiction over local governments or they lack money to spare.
“It’s very hard for most local governments,” said Alan Shark, executive director of the Public Technology Institute, a Washington, D.C.-based nonprofit that provides training and other support to local government information technology executives. “They lack the resources to adequately protect themselves. Yesterday’s fixes don’t work today. The cybercriminals are encouraged.”
Local governments saw a spike in cyberattacks in 2019, and experts say it doesn’t look like they’re going to abate anytime soon.
In the past 24 months, at least 370 cyber incidents affecting local governments and public safety agencies were publicly reported in 47 states, according to Aubrey Larson, a marketing manager with SecuLore Solutions, a Maryland-based cybersecurity company. That’s a 150 percent hike over the previous two-year period, she said.
In fact, the majority of publicized ransomware attacks in the United States last year targeted local governments, according to the report by the governors’ and state IT officers' associations. Cities and counties provide essential services to residents and need access to their data to function effectively.
Ransomware hijacks government computer systems and holds them hostage until their victims pay a ransom or restore the system on their own.
In October, the FBI issued a public service announcement, saying state and local governments “have been particularly visible targets for ransomware attacks.”
Those attacks can be devastating.
“Some cyber incidents are truly becoming emergencies. (State and local IT officials) shouldn’t be exchanging business cards at that point,” said Maggie Brunner, cybersecurity program director for the national governors’ group. “They should be doing it ahead of time. We’d love to see state CIOs know every single local IT director.”
(c)2020 Stateline.org. Distributed by Tribune Content Agency, LLC.