10 min read
Book a Free Consultation

7 Government Cybersecurity Best Practices 2023: Keep Data Secure & Prevent Ransomware Attacks

By Harrison Kelly

While many local governments are taking strides towards a digital transformation, those that aren’t adapting with the times are putting themselves at serious risk. Ransomware attacks and other cyber breaches have plagued local governments for years because of a continued reliance on outdated technology systems that aren’t secure and are easy to hack. 

Fortunately, federal funding from the American Rescue Plan and Infrastructure Bill is being dispersed to cities and towns across the country, allowing governments to spend money on IT infrastructure. That means your community will have funds available to update antiquated technology and eliminate vulnerabilities that will make it far more difficult for hackers to access or steal critical information.

But what kind of infrastructure is needed to prevent cyber attacks? And what other cyber security measures can you take? 

Stop cybercrime ransomware attacks from occurring in your local government and follow along for more details on what cybersecurity is and how your local government can take action to secure networks and data against hackers and ransomware attacks. 

Get a GovPilot Demo

What is Cybersecurity? 

According to DigitalGuardian, cybersecurity can be defined in simple terms as, “the body of technologies, processes, and practices designed to protect networks, devices, programs, and data from attack, damage, or unauthorized access.”

As the world becomes even more dependent on digital infrastructure, hackers are actively engaging in the theft of classified or personal information like financial data, social security numbers, or health records. Cybersecurity is the practice of implementing technology to actively guard against or combat these intrusive attacks. 

Why is digital infrastructure more secure than outdated physical infrastructure? Check out the link to learn more. 

What is a Ransomware Attack?

Ransomware attacks are one of the most common ways that many local governments have been targeted  by hackers recently. 

In a ransomware attack, a hacker uses sophisticated encryption to infect a computer system so that individuals or organizations can’t access their important information. Hackers require the payment of a hefty ransom fee in order to return the stolen information. If the fee isn’t paid, your organization’s information can potentially be lost forever. More recent trends see criminals instead threatening to publish the sensitive data.

Ransomware is also becoming accessible to a wider array of perpetrators as it becomes more common for developers to make.  It has also become easier for hackers to provide malware to less tech-savvy criminals for the latter’s use in exchange for a fee or cut of the ransom — an illegal business practice known as ransomware as a service (RaaS).

This year, the global cybersecurity company, BlackFog released the newest recorded data on ransomware attacks and the key trends of 2022 to 2023 US ransomware attacks. The data makes it clear that the frequency of ransomware attacks has been on a steady increase since 2020, with the highest reported attacks being in 2023. 

The crucial findings of this data revealed that 89% of ransomware attacks in 2022 to 2023 resulted in stolen government data. The financial incentive of the ransomware attacks is obvious; the average government pay out to retrieve stolen data is $327,883. These attacks are only the reported ones, many ransomware attacks go unreported, but amplify the likelihood of your local government experiencing a cyberattack. 

What Happens if a Government is Hit With a Cyber Attack?

According to best practices listed by the FBI, municipalities that are subject to ransomware attacks face a difficult choice: pay the hackers with no guarantee stolen data will be returned by cyber criminals, or choose to lose critical data information forever, and waste valuable government money on damage control. The FBI advises against paying ransom fees because it encourages more hackers to attack local government departments. Additionally, not all hackers may even manage to successfully hand back the data even if they attempt to. 

Handing over funds reinforces to cyber criminals that these are profitable attacks, further perpetuating the problem. Victims may also be hit with fines by the Federal government should they pay ransom to bad actors who are on sanctions lists, and it is not always easy to quickly discern which perpetrators qualify.

But paying up sometimes feels like the better of two bad choices. It means critical infrastructure providers can restore services rapidly before loss of access to them causes serious damage. It also may be the relatively affordable option for smaller entities when weighed against the costs of rebuilding permanently locked-up systems, a Task Force convened by the Institute, reports. 

For more information, read our blog on preventing government data breaches with lessons from real life examples.

Why Should Local Governments Care About Cybersecurity?

Unfortunately, local governments have become prime, easy targets for hackers, because: 

  • Governments store significant amounts of data and have substantial budgets. 
  • Without modern government IT infrastructure, outdated systems are often outdated and easy to break into. 
  • Employees often lack training on proper cybersecurity practices such as recognizing a phishing email and implementing password security best practices

Learn more about How to Train Government Workers on Cyber Security Threats

Consider New York's Local Government Cybersecurity Management Plan and how to make one for your municipality, in order to take control of cybersecurity measures before an emergency happens. 

What Consequences Have Local Governments Faced After Being Breached?

Government data breaches have left localities without access to their critical data and unable to perform municipal services for years, and the hackers are getting even more sophisticated.

Throughout 2022, the Maryland Department of Health experienced a long-term disruption in service because of a ransomware attack that left employees with limited resources to get work completed, and resulted in full-system downtime. COVID-19 surveillance data and records regarding Maryland's Medicaid benefits and healthcare licensing services were also compromised and disrupted digitally. The recovery and the impacts of the attack left the health department virtually helpless to recover its data for months. 

Another 2022 ransomware hack in Glenn County, California compromised the office of Education, which disabled all of its internet-based services, including voice-over-internet phones, emails, and financial software across the county. The recovery effort in Glenn County left the Office of Education scrambling for weeks to get systems back up and working for the school systems. 

Why a Government Digital Transformation Can’t Wait

Governments that continue to hold out on improving their digital infrastructure will only increase their risk of being exposed as outdated systems are the most common way ransomware gets into the government system. Failure to act comes with the risk of crippled services, exorbitant expenses to rectify a breach, or leaving every department, business, and constituent at risk of having their personal information stolen and potentially lost forever. 

How Can Your Local Government Improve Cybersecurity? 

You may be feeling anxious that your local government is potentially exposed. Fortunately President Joe Biden signed both the American Rescue Plan and the Infrastructure Investment and Jobs Act to provide federal stimulus funds directly to town and city governments across the United States. 

The text of the bill grants funds to be used for infrastructure, meaning local governments can use the funds directly to ramp up a modern municipal IT strategy with better technology and cybersecurity. The former Kentucky Chief Information Officer summed it up perfectly when he said federal infrastructure grants are, “an opportunity for leaders in state and local governments to shore up… vulnerabilities and position their organizations for the future.” 

Here are some of the ways your government can take action to improve cybersecurity and prevent ransomware attacks:

1. Begin using cloud-based technology

On-site servers are not only expensive to maintain, but are also considered some of the easiest for hackers to break into. Yet, thousands of municipalities continue to use them to store sensitive information. Using federal funds to move away from this antiquated technology towards cloud-based government management software will save money and make it significantly more difficult for a hacker to break in.

Cloud-based software does not require any on-site servers, meaning that once information like a permit is filed, it will automatically be saved by government management software and accessible to only those who are granted access.

Besmir Alia, GovPilot’s Chief Information Officer, notes that cloud-based technology such as GovPilot’s platform provides several advantages over on-site server systems: 

  • Centralized data is stored securely off-site with certified cloud providers.
  • Redundant, regular backups ensure data can be recovered from any point in time.
  • Automatic backups can be set every 15 minutes, hourly, daily, or monthly depending on the importance of the data. 
  • Backups enable the implementation of a strict business continuity policy. 
  • Modern Technology and Best Practices applied in the building of applications.
  • Scheduled updates of software, packages, plugins, and servers keep platforms secure.
  • Government cloud technology providers focus on delivering quality through extensive manual and automated quality assurance (QA). GovPilot uses the Microsoft Azure Cloud to keep data safe and secure.
  • Upkeep and maintenance costs of cloud-based technology is far more cost effective.

2. Forge a Government IT Disaster Recovery Plan

Every local government should have a well-thought-out government IT disaster recovery plan in place to protect their computer systems and data in case of cyber attack or another unexpected disruption. The plan should outline procedures to follow before, during, and after a ransomware / malware attack in order to minimize impact and speed up recovery. 

The steps for a government IT disaster recovery plan should include: 

  • Identifying critical systems or data that could be compromised

  • Assessing potential risks that could make your systems vulnerable

  • Implementing preventive measures and teaching all government employees to comply 

  • Creating backup and restoration strategies for valuable government information such as the use of the government cloud

3. Switch to a .gov Domain

Far too many local governments house their websites on a .org or .com domain, which is substantially less secure than a .gov URL. 

The Cybersecurity and Infrastructure Security Agency (CISA) recently announced that governments will no longer have to pay a $400 registration fee to acquire a .gov domain through the fiscal year. A .gov domains automatically include two-factor authentication for all users, as well as ongoing vulnerability monitoring, which means you have an opportunity to drastically increase website security for free! 

Read on for more tips on How To Improve Your Local Government Website Design

4. Encrypt Sensitive Information

Data encryption is the process of translating data into code so that only people with an access code or password can view valuable text, documents, or records. 

Data encryption is known as one of the top forms of US government cybersecurity, and means that even if a government laptop, mobile phone, or USB is stolen, the thief won’t be able to access the data inside. 

All data is encrypted on the GovPilot platform. Learn more in the government software security overview.

5. Encourage Use of Secure Passwords For All Employees

It’s unfortunate that some people still make their password “password.” Let your government workers know that in order to protect your precious data and network, they’ll need to use passwords that are elaborate and difficult to guess. Some cyber security experts even recommend ‘pass phrases’ that include spaces because they are much more secure and difficult to guess. 

You should also encourage employees to change their passwords at least once every month or so, and make sure that they do not leave login information or passwords written down and left visible anywhere. 

6. Train Employees on Cybersecurity Hygiene and Identification of Phishing Emails

Phishing emails - in which an email might seem legitimate - but contains a malicious link that when clicked on, inserts a virus into the unsuspecting user’s computer, infecting it and the network it is connected to, is the source of many recent ransomware attacks. Phishing emails often look as if they are sent from innocuous looking email addresses, but with training, employees can learn to identify, and avoid opening suspicious emails or clicking on potentially harmful links or files. 

Services such as Knowbe4 provide comprehensive and ongoing training that can help get staff up to speed quickly, and reduce the chances of your government being impacted by a cyber breach due to ignorance or negligence. 

Hiring tech savvy government workers who understand cybersecurity best practices and can help more senior colleagues navigate the challenges and risks of the new cyber risk landscape is another way to bolster employee cyber resilience. 

7. Utilize Two-Factor Authentication

Two-factor authentication, or identity authentication, is a security feature which will send a computer generated numeric code to the cell phone or email address of the person associated with the login of a particular website or service. The user will then be prompted to enter the code sent to their phone, into a form field on the website or digital service before proceeding. 

This ensures that the person’s login credentials are aligned with their associated personal phone, or email address and helps to stop ransomware attacks from occurring. 

What Are the Benefits of Government Cybersecurity?

There are many benefits to governments modernizing their IT technology and cybersecurity. 

Here are some of the benefits:

  • Top-of-the-line security: 

Ransomware attacks continue to be a threat for organizations around the world. With encrypted, secure IT infrastructure and important government data stored and backed-up by the cloud, your local government won’t have to worry about data loss. 

  • Improved efficiency:

In addition to cloud-based software being more secure, it also improves government workflows and saves time. With government management software, important data is automatically saved and distributed to all relevant departments. No longer will your local government clerks department have to manually send important documentation over on a per case basis, with municipal clerks software digitized forms saving one clerks’ office 40 hours in time every month! Learn more in the Jackson Township Clerk’s Case Study.

  • Long-term savings: 

Improved IT infrastructure saves money in more ways than one. Cyber attacks have cost unprepared communities like Atlanta and Baltimore millions in recovery costs, so the up-front costs are well worth it to prevent a hacking disaster. Additionally, your local government will save money moving away from expensive on-site servers to a cheaper cloud-based system. 

    • Don’t forget how much money will be saved with improved workflows! That keeps more money in your governments’ budget and ensures that taxpayer money is being well spent. 
  • Constituent trust: 

Taking the time to secure your data and to switch to a .gov website will certainly be noticed by your constituents. That equates to deeper trust in the local government and better civic engagement as a result. 

Government Cybersecurity: Final Thoughts

Overall, it’s very clear that local governments must take action to improve their cybersecurity. Your local government IT department should have a goal to stop ransomware in 2023 through preventative measures. Failure to do so can result in the loss of sensitive information and recovery costs in the millions of dollars. 

Do away with on-site servers, encrypt your data, implement .gov, and make the switch to cloud-based government management software so that your community and its precious assets are safe from even the most sophisticated hackers. 

To learn more about how to move your government to a secure cloud-based system, schedule a consultation. 


Local Government Cybersecurity FAQ

1. What is cybersecurity? 

According to DigitalGuardian, cybersecurity can be defined in simple terms as, “the body of technologies, processes, and practices designed to protect networks, devices, programs, and data from attack, damage, or unauthorized access.” Your locality should dedicate time and resources to becoming a cyber-secure government. 

2. Why is cybersecurity important for local governments? 

Local governments have become prime, easy targets for hackers, due to the fact that they store significant amounts of data and have substantial budgets. With IT infrastructure that is often outdated and easy to break into, as well as employees who too often lack training on proper cybersecurity hygiene such as recognizing a phishing email and implementing password security best practices, local governments have become prime targets. 

3. How can local governments improve their cybersecurity? 

Local government leaders should consider several steps to improving cybersecurity and stop ransomware attacks including: deploying cloud-based solutions, switching to a .gov url, encrypting sensitive information, training and encouraging employees to practice proper cybersecurity practices, and utilize two-factor authentication.

Read on for the latest government trends:


Tags: Cybersecurity, Digital Transformation, Blog