paint-brush
How Can State & Local Governments Fight Ransomware? by@johnfunk
236 reads

How Can State & Local Governments Fight Ransomware?

by John FunkMarch 15th, 2024
Read on Terminal Reader
Read this story w/o Javascript

Too Long; Didn't Read

Ransomware attacks on governments go beyond crypto demands, impacting taxpayers, data security, and critical services. Cybersecurity measures like awareness training, multi-factor authentication, zero trust policies, and daily data backups are crucial to combatting these threats and protecting public services.
featured image - How Can State & Local Governments Fight Ransomware?
John Funk HackerNoon profile picture


Professionals outside the managed IT and cybersecurity trades tend to think about ransomware attack losses in terms of the cryptocurrency demands made by hackers. While extortion drives the criminal scheme, the total cost of a ransomware attack can be more crippling than the payoff alone. Once officials in local municipalities and state agencies understand the full impact of having their sensitive data and networks held hostage. As such, the need for proactive measures becomes a matter of urgency.


Facts About Ransomware Attacks Government Officials Need to Know

Ransomware attacks only garner news headlines when the wings of the government or high-profile corporations get ensnared. For example, when MGM Grand and Caesars casinos were stung by the Scattered Spiders hacker gang, news of the $15 million payoff went viral. And when DarkSide hackers put the Colonial Pipeline under siege, upwards of 5,500 miles of fuel distribution lines were crippled. The company’s inability to deliver gasoline caused massive fuel shortages across multiple states. Only after paying thieves $5 million did gasoline and diesel start flowing again.


These ransomware statistics highlight the fact hackers are willing to attack any network with impunity, even those of local and state governments:


  • The average cost of a 2023 ransomware attack has nearly doubled from 2022 to $1.54 million.
  • Companies grind to a standstill for 22 days, on average, during a ransomware attack.
  • Nearly a half-billion ransomware attacks were launched in 2022.
  • U.S. organizations are the most heavily targeted, accounting for 47 percent of global attacks.


But what did not necessarily make the splashiest of headlines was the long-term fallout from the digital hostage situations reported by the media. It’s not uncommon for organizations to experience a second attack after paying a crypto demand. Approximately 30 percent of private-sector companies that were overrun by cybercriminals suffered diminished confidence in the brand — some ended up filing for bankruptcy.


The private sector, of course, is not the only target of ransomware attacks. Governments, too, make tempting targets, given that public IT infrastructure can be infamously behind the times. With citizens already critical of local, state, and federal government decisions and the use of taxpayer dollars, lost confidence is the last thing elected and non-elected officials need.


Ransomware Attack Threats to Local & State Governments

Decision-makers need to understand that hackers continue to target weak, almost defenseless networks and employees who lack cybersecurity awareness training. That’s largely why phishing — the use of malware-laced electronic messages — remains hackers’ delivery method of choice. Whether a new hire in training clicks on the wrong link or an elected official gets conned into downloading a malicious file, the consequences are the same. These are ways one mistake can send a municipality into a tailspin.

Financial Impact on Taxpayers

States such as Florida passed laws banning the practice of paying hacker ransom demands, and many others are mulling over whether to follow suit. With the average cost hovering around $1.54 million, not ponying up seems like the right decision in terms of protecting taxpayer money. That may not necessarily hold.


For example, Costa Rican officials reportedly refused to pay Russian hackers $20 million last year. In a fit of retribution, the cybercriminals brought down wide-reaching agencies for months to the tune of $30 million in losses. By contrast, the relatively small city of Lafayette, Colorado, doled out a $45,000 ransom payment to avoid government entities shutting down and potentially greater losses.

Impact of Data Security Loss on Citizens

A breach of government data is tantamount to citizens being exposed. The information held by tax collectors, permitting departments, and local canvassing boards can be leveraged against residents. Names, birthdates, addresses, and Social Security numbers are routinely stolen from devices and sold on the dark web. This and other sensitive information have also been used to dox political opponents in recent years.

Municipal Services Disruptions

The greatest threat for politicians and term-appointed officials may be getting ousted by voters. But for residents, critical services can be shut down for significant amounts of time.


For example, a recent cyberattack impacted multiple water utility operations in Pennsylvania that used Israeli-made computer systems, according to reports. The FBI and Cybersecurity and Infrastructure Security Agency are investigating the attack that reportedly included anti-Israel messaging.


“Our adversaries don’t care who runs critical infrastructure,” U.S. Rep. Christopher Deluzio reportedly said. “If they can get in through the weakest link — and [if] that’s a small municipal authority or a private vendor — that’s what they’re going to target.”


These cyberattacks have also impacted other U.S. water authorities across the country. Although the nation-state hackers who orchestrated the infiltrations were not looking for a payoff, the recent incident highlights the vulnerability of essential services. Sophisticated cybercriminals can deploy similar tactics to shut down healthcare operations, voting systems, school computer networks, sewage treatment plants, and even the power grid.


How to Fight Ransomware Attacks

The importance of taking proactive measures to prevent ransomware attacks cannot be understated. The cost and upheaval for residents of local and state governments can have a devastating short-term and lasting effect. If there’s a silver lining to the fact hackers from halfway around the globe persistently try to harvest poorly defensed networks like low-hanging fruit, it’s that determined cybersecurity remains far less expensive than ransomware demands and losses. Governmental leaders have an opportunity to enlist the support of managed IT firms with cybersecurity expertise to implement best practices, consistent with recent federal data protection mandates.

Cybersecurity Awareness Training

An increased number of operations have begun offering cybersecurity awareness training to their entire staff in recent years. That effort has reduced the number of data breaches caused by human error to only a troubling 88 percent. That being said, cybersecurity awareness training gives frontline workers the skills and knowledge needed to identify phishing schemes, social engineering attacks, and other nefarious hacking methods. Not only does investing in awareness training help prevent ransomware attacks, but it also creates a cybersecurity culture.

Multi-Factor Authentication

Ranked among the most effective and simple security measures, multi-factor authentication requires network users to enter a code after inputting their username and password. By sending the code to a secondary resource, it prevents hackers from infiltrating governmental systems after learning someone’s login credentials.

Zero Trust User Profiles

The number of cyberattacks has increased almost exponentially in recent years because hackers are making bank. Decision-makers must proceed with the expectation that any system can be penetrated if a hacker has the time, tools, and skills. Zero trust policies reduce a hacker’s impact on services. These security measures can also prevent cybercriminals from reaching valuable and sensitive data. With zero trust, each legitimate user’s profile comes with data restrictions. Even if a hacker manages to gain access through an employee or official’s network credentials, the criminal also faces data access restrictions.

Back Up Data Daily

State legislatures appear to be moving forward with laws that ban local governments from paying ransom demands. Such laws make it imperative that every system’s data is backed up daily and taken offline. Without these sensitive and valuable digital assets, lengthy shutdowns and information recreation would result in massive losses.


In cybersecurity circles, a successful ransomware attack is the sum of all fears. Once hackers seize control over municipal systems, they can put people in harm’s way by shutting down wide-reaching services. It’s mission-critical to have a risk assessment performed and use that information to harden governmental networks.