Key steps for preventing local government cyberattacks
Ransomware risks and other cyberthreats continue to be top concerns for municipal councils, and elected officials and local government managers are at the frontline. It's not just about finding ways to mitigate these cyberthreats; it's about protecting your constituents, their data, and your operations.
Local governments store a high level of sensitive information, and they have a fiduciary duty to protect all data they collect. The necessary interconnectivity of operational systems also puts local governments at risk for cyberattacks.
This article explores the various types of cyberattacks facing local government, with some tips on how to mitigate them along with recommendations for best practices for cybersecurity.
Ransomware continues to be a threat to local government
Local governments oversee critical services such as emergency services, utilities and educational facilities, and they need data to provide those services effectively. As Pew Research points out, data is valuable for local governments as it allows them to set more effective policies and monitor whether those policies are meeting their objectives, yet having so much data makes local governments vulnerable to cyberthreats.
Ransomware is a form of malware that encrypts files and demands a ransom payment for the key to decrypt it. Ransomware attacks often begin with an email with links or attachments that seem benign, but give the hacker access to the system as well as the network. Such malware poses a threat to local governments because it can significantly affect operations and put sensitive information at risk.
Here's a snapshot of the damage a ransomware attack can cause to a local government:
- Server shutdowns
- Massive data exposures
- Paralysis of 911 centers
- Interference with traffic management systems
- Financial loss
A major trend in local governments is to start incorporating smart technology which requires the community infrastructures to rely heavily on interconnected technologies. While smart technology yields many positives, it simultaneously generates new vulnerabilities.
Because local governments are often operating on a shoestring budget, they rarely have dedicated cybersecurity experts, which means they must rely on their IT team to ensure security across their systems. However, IT departments often do not have the necessary budget allocation, so holes in their security leave them vulnerable to attacks. These attacks can range from viruses to hackers to phishing.
Just how big is the problem? According to The State of Ransomware in State and Local Government 2023, the rate of ransomware attacks in state and local governments has risen from 58% to 69% year over year. The same report also showed that in just under half of ransomware cases, data was also stolen.
An attack on the city of Oakland in California demonstrates the importance of preventing cyberattacks. A ransomware attack in early 2023 in Oakland caused city officials to have to shut down their servers to contain the attack and issue a state of emergency. The hackers encrypted data which compromised infrastructures and shut down various operations. In addition to disrupting vital services, the city notified city employees and some residents that their data may have been stolen. Cyber experts suspect that a phishing email may have launched the attack.
While local governments are specifically vulnerable to ransomware threats, they should be aware of other cyberthreats that can be equally devastating.
Other cyberthreats facing local government agencies
One of the biggest challenges local government entities have is keeping pace with increasingly sophisticated tactics and attack methods.
Here is a brief overview of other known cyberthreats:
- Phishing attacks: Cybercriminals may send fraudulent emails, text messages or social media messages disguised as a trusted source to trick recipients into giving up sensitive information or login credentials.
- Malware: Malicious software that contains viruses, spyware, and Trojans, can infect council members' devices and networks. Malware infiltrates devices, corrupts data, and holds them hostage until the government pays a ransom. This type of attack can also lead to data breaches or unauthorized access.
- Insider threats: Insiders may accidentally or intentionally steal data, sabotage systems or compromise data security. For this reason, council members must be vigilant about access control and monitoring.
- Social engineering: This refers to deceiving people into disclosing information or taking actions that compromise security. Common tactics include impersonation and baiting.
- Public Wi-Fi risks: Council members and employees who use public Wi-Fi networks create an environment where hackers can intercept communications and steal sensitive information.
- Weak or easily guessed passwords: Cybercriminals are adept at using techniques to crack passwords to gain unauthorized access to systems. A policy that encourages using strong, unique passwords along with implementing multi-factor authentication is crucial to preventing unauthorized access.
- Data breaches: Cybercriminals are also skilled at stealing sensitive information from databases and servers. A data breach can involve the theft of personal information and can also lead to legal repercussions and reputational damage. It’s critical to encrypt data and restrict access to authorized personnel.
- Email compromise: Malicious actors may compromise email accounts to impersonate council members or staff, and subsequently disseminate false information or illegally transfer funds.
Considering the evolution of interconnectivity, the prevalence of cyberthreats demands that council members work together proactively to mitigate cyber risks and spread awareness of cyber risks.
Mitigating cyber risks for local government
Public entities and local governments can continue to do more in the area of cybersecurity. A good start to mitigating cyber risks is to rely on best practices for cybersecurity in local government.
For example, using personal or government email to either communicate or to prepare and transmit meeting materials is inviting unnecessary levels of risk. Elected board members are likely unaware of the risks and their personal liability.
Municipalities should prioritize cybersecurity awareness and education among themselves and their staff, implement robust security practices and policies, and regularly update security measures to further mitigate cybersecurity risks. Cybersecurity experts are also valuable resources for helping local governments protect their digital assets and sensitive information.
Recommendations for cyber best practices for local government organizations
- Utilize secure cloud-based software like Diligent Community for both agenda creation and the distribution of materials to council members. Logging into a secure portal eliminates the likelihood of users clicking on a tainted email or attachment.
- Everyone involved in council business, agenda creation, delivery, or use needs to be updated with training on cybersecurity. Cybersecurity needs to be viewed as a shared responsibility, not just a job for IT teams.
- Municipalities need to keep their cybersecurity and response plans up to date. These should be regularly reviewed, as cyberthreats are evolving so quickly.
- Local government agencies need to adopt a digital security mindset, with contingency and disaster plans in place. Working closely with other entities can help minimize threats.
- When possible, it is best to have dedicated, secure platforms to prepare and host agenda materials and council documents that are password protected and encrypted.
Without a doubt, cybersecurity is an ongoing process, and vigilance is key to safeguarding local government systems and data, and it starts inside your boardroom. A board management solution mitigates cyber risks among board members while allowing them to conduct the board’s work efficiently.
See how Diligent Community can help strengthen your government organization’s cyber resilience. Request a demo today.
