Addressing the Ransomware Threat to Municipalities

Read on to learn more about the threat and how GovPilot can help. Please contact us for more information, and to schedule a FREE confidential advisory call.

Atlanta, Baltimore, Cleveland, Greenville, New Orleans, Pensacola. Those are just a few of the cities that have been struck by high-profile ransomware attacks in recent months. The hackers responsible for the Pensacola attack demanded a ransom of $1 million to decrypt the data seized. Rather than pay a $52,000 ransom, Atlanta decided to rebuild its IT infrastructure from scratch at a cost of tens of millions of taxpayer dollars. Even these larger cities, presumably with the resources available to shore up their digital defenses and implement best-practices in the event of a breach, are falling victim.

"Ransomware is not just about the ransom money demanded."

Whether a government pays a ransom or not, hackers know that it only takes a couple of payouts to fill up their bank account. In March, Jackson County, Georgia paid a $400,000 ransom, and in June, Riviera Beach, Florida sent $600,000 to hackers to restore their systems. Hackers also know that smaller municipal governments are easy, lucrative targets. Even small towns have substantial budgets, and unfortunately many of those communities are less equipped and prepared to defend against, and recover from such attacks than their larger counterparts. With digital tools readily available on the internet, hackers don’t need to be very sophisticated. Relative novices are capable of building and deploying effective ransomware programs.

This problem isn’t going away. In fact, it’s getting worse. A recent GovTech report showed 77 successful ransomware attacks against state and local U.S. governments from January - September 2019. That is up from 55 attacks in all of 2018 across local and state governments. Perhaps more disturbing, these numbers are likely low, because there is no central authority to which governments are required to report cyber attacks, meaning many go unreported and unaccounted for publicly. Sadly, most of these attacks could have been prevented with adequate staff training, effective patch management and a maturing security program.

Speaking about the threat, GovPilot’s Chief of Security, Jason LeDuc said, “Ideally a municipality is able to thwart attacks because it has taken preemptive measures to defend its IT infrastructure. But for those that are impacted, ransomware is not just about the ransom money demanded. Too many organizations focus on the decision to pay or not to pay. Regardless of the payout, an organization, its employees, and citizens remain vulnerable to follow on attacks, be it data theft, ransomware or something else. For local governments, the loss of productivity from its employees and services, as well as a loss of trust from constituents can be devastating. The truth is that until a municipality takes concrete steps to secure its systems, it will remain a known, vulnerable target.”

LeDuc added, “In the cybersecurity industry we use a ‘Security Maturity Scale’ with a range of one through five to assess an organization’s security posture, with five being excellent. Unfortunately most municipalities score less than one when compared to the NIST Cyber Security Framework and CIS20. GovPilot seeks to address that unsustainable gap by advising its clients on industry best practices and supporting methods to minimize risk.”

If you are a municipal leader - Mayor, Council member, Business Administrator, IT Director, etc - Contact GovPilot to:

• Receive a FREE, high-level ransomware maturity assessment
• Understand your municipality’s vulnerabilities
• Learn best-practices to withstand a ransomware attack
• Strengthen your community’s security posture