Catherine Prewitt, a CCIS graduate, has compiled an industry analysis on the cybersecurity risks in municipalities and government entities after the county she resides in, Suffolk County, New York, fell prey to a brutal ransomware attack.
Municipalities and government entities maintain and manage an extensive array of services exposing them to cybersecurity risks. The informational technology and operational technology of this industry affect critical infrastructure and daily life. The effects of an attack can be far-reaching, resulting in the disruption of emergency services, utility services, transportation, hospitals, schools, and libraries. Losses in these areas are a huge public safety risk and could lead to major financial losses. This is especially significant because the public is hugely dependent on the critical services offered by their local municipalities and governments.
Municipalities and government entities have become a target for nation-state and geo-political threat actors.
Municipalities and government entities are seen as easy targets for threat actors because they are often underfunded and underprepared. Most municipal entities find it difficult to stay ahead of the cyber threats. Budgets are tight. Personnel resources, adequate training, and regulations can hinder the application of updates or the implementation of new programs. Additionally, municipalities and government entities have so many services they must factor into their cybersecurity policies simply due to the wide range of assistance they offer. Not all areas maintain the same requirements nor have the same regulatory specifications to adhere to. This adds to the complexity of the management of the entity’s cybersecurity plan.
Cyber Threat to Local Municipalities and Government Entities
The cybersecurity risks in municipalities and government entities are dangerous and ever-present. In September 2022, a ransomware attack caused a shutdown of Suffolk County, New York. The BlackCatAlphV ransomware group gained entry through a vulnerability in the server of the County Clerk’s Office in 2021. For the duration of eight months, they installed Bitcoin mining software and created fake accounts. The attack only impacted 1.6% of the county’s systems but email accounts had to be disabled for approximately 10,000 employees. This resulted in emergency dispatch taking calls with handwritten notes passed off to police who in turn dispatched services via radio. Contractors were paid with paper checks, saw significant delays in the issuance of checks, and the title search system was down. The information of 1.5 million residents was leaked. As of April 12, 2023, $5.5 million was spent on investigation and restoration of services. It could cost upwards of $17 million to make up for the damages caused by this attack.
Ways to Mitigate Cybersecurity Risks in Municipalities are Government Entities
The more services a municipality or government entity offers the greater the cybersecurity risks. Technology is essential to share information and connect resources. The larger the entity the greater the challenge. A municipality cannot cease to provide services because of a cyber attack. Governmental entities should work together to set standard legislation and regulations to protect citizens. Additional funds should be budgeted to provide adequate IT staff and training. The implementation of multi-factor authentication and end-point detection programs is critical. There needs to be a robust data backup system for internal servers as well as cloud applications. Employees must be trained and monitored.
In conclusion, the cybersecurity risks in municipalities and government entities are complex and far-reaching. Through careful and continuous review of their internal systems, some of this can be overcome. However, more robust legislation needs to be enacted to protect these entities and their citizens.
Boost your career
Boost your salary
Stay Relevant with the Global Standard in accredited Cyber Insurance Certification.
