An increasing number of governmental units and agencies are being targeted with ransomware cyberattacks. Last week, computer systems in 22 Texas towns were hacked and held for ransom for millions of dollars. The Texas Department of Information Resources has reported that most of the affected entities were smaller local governments. Similar attacks have also happened in Atlanta and Baltimore.
These attacks cause great risk to both public safety and individual welfare, particularly where critical systems are attacked. Past ransomware incidents have caused disruption to governmental operations, including police and court functions, 911 dispatch system operability, and processing of utility payments, among other issues. Recovery from these breaches can be complicated and expensive. For example, reports estimate that Atlanta will spend $17 million on efforts to respond to a roughly $50,000 ransom demand.
Cybersecurity is a serious issue that must be addressed, but local governments are often fearful that there is nothing they can do to protect themselves against these attacks, either due to cost or due to complexity. However, there are some simple steps that any local government can take to help protect against and prepare for cyberattacks.
- Every municipality should have a security program in place that requires use of reasonable security measures. For example, at a minimum, every municipality should use firewalls and anti-virus software, timely install security patches and software updates, and require complex passwords. Encryption also helps protect confidential and sensitive information.
- Municipalities’ agreements with third-party vendors and contractors should require that appropriate security measures be used.
- Just as many municipalities have a disaster response plan in the event of fire, tornado, etc., they should also have a plan for responding to ransomware and other hacking incidents.
Most importantly, every entity should educate its employees about how to identify a potential attack. Security protocols can be rendered worthless if an individual unwittingly gives access by clicking on a corrupted link or executable file or otherwise falls for a scam designed to allow an intruder to obtain access.