As your municipality budgets for the next fiscal year, it’s important to consider your cyberattack preparedness.
Recently, several cities have had to rally statewide resources to combat malware, phishing, ransomware, and other cyberattacks—and responding to these attacks only after they’ve happened can be far more expensive and time-consuming than preventing them.
Here are the cybersecurity threats you simply can’t ignore.
What Types of Cyberattacks are Municipalities Experiencing?
Recently, several Louisiana school systems fell victim to malware, shutting down school computers and making it difficult to see just how extensive the damage was. As a result, Louisiana’s governor quickly declared a statewide emergency, marshaling resources from around the state to help the school system recover its data and functionality.
But Louisiana’s breach, while serious, was not isolated.
In the first five months of 2019 alone, there were at least 22 reported breaches of public sector networks, including networks serving heavily populated cities like Atlanta, Georgia; Baltimore, Maryland; and Albany, New York.
And in June 2019, two Florida cities were forced to pay more than $1 million in bitcoin to hackers who gained (and maintained) control of the cities’ computer systems for more than a week.
These attacks generally fall into two main categories:
- Ransomware, where hackers gain control of a network, encrypt all the files on the network, and then agree to release this control in exchange for payment.
The ransom is usually demanded in bitcoin, as this makes it far more difficult for law enforcement to trace the source of the attack. - Phishing attacks, in which an email with a harmful link is circulated to all network users.
If even one user clicks on this link, it can compromise the entire network, and these emails are often carefully crafted to look identical to legitimate ones.
Because municipal employees get so many emails on a daily basis, it is even tougher for them to sift through what should and shouldn’t be clicked.
How Can Municipalities Protect Themselves?
As the saying goes, “an ounce of prevention is worth a pound of cure.”
While cities’ insurance policies may cover some of the costs associated with these attacks, insurance coverage is no guarantee—especially if the insurer suspects that the city should have done more to protect itself against these types of threats. And even if coverage is extended, cities will usually be responsible for paying a four- or five-figure deductible.
These costs pale in comparison to the intangible costs that come from a complete system shutdown. One of our clients—a town—lost the ability to generate water bills for three full months, and you can only imagine the backlog its employees had to deal with after services were restored.
These attacks often throw an agency into total disarray for months, if not years.
Fortunately, protecting against cybersecurity threats doesn’t need to be an expensive or time-consuming process.
At Futurelink IT, our experts perform a comprehensive security assessment to spot and cure potential vulnerabilities and train your staff. For a quick and simple self-assessment, download a copy of our checklist, 14 ways to protect your municipality, here.
If you are in immediate need of assistance, click here to book a free 30-minute consultation with me.