8 min read

Government Cybersecurity 2023: How to Prevent Ransomware Attacks

By GovPilot
 

While many local governments are taking strides towards a digital transformation, those that aren’t adapting with the times are putting themselves at serious risk. Ransomware attacks and other cyber breaches have plagued local governments for years because of a continued reliance on outdated technology systems that aren’t secure and are easy to hack.

Fortunately, federal funding from the American Rescue Plan is on it’s way to cities and towns across the country, allowing governments to spend money on IT infrastructure. That means your community will have funds available to update antiquated technology and eliminate vulnerabilities that will make it far more difficult for hackers to access or steal critical information.

But what kind of infrastructure is needed to prevent cyber attacks? And what other security measures can you take? 

Follow along for more details on what cybersecurity is and how your local government can take action to secure networks and data against hackers and ransomware attacks. 

What is Cybersecurity? 

According to DigitalGuardian, cybersecurity can be defined in simple terms as, “the body of technologies, processes, and practices designed to protect networks, devices, programs, and data from attack, damage, or unauthorized access.”

As the world becomes even more dependent on digital infrastructure, hackers are actively engaging in the theft of classified or personal information like financial data, social security numbers, or health records. Cybersecurity is the practice of implementing technology to actively guard against or combat these intrusive attacks. 

What is a Ransomware Attack?

Ransomware attacks are one of the most common ways that many local governments have targeted by hackers recently. 

In a ransomware attack, a hacker uses a sophisticated encryption to infect a computer system so that individuals or organizations can’t access their important information. In order to get the information back, hackers require the payment of a hefty ransom fee. If the fee isn’t paid, your organization’s information can potentially be lost forever. More recent trends see criminals instead — or in addition — threaten to publish the sensitive data.

Ransomware is also becoming accessible to a wider array of perpetrators as it becomes more common for developers to make and provide malware to less tech-savvy criminals for the latter’s use in exchange for a fee or cut of the ransom — an illegal business practice known as ransomware as a service (RaaS).

Last year, 2020, continued a worsening ransomware trend. According to a recently launched Ransomware Task Force, there were nearly 2,400 reported attacks last year targeting U.S.-based governments, educational institutions and health facilities. Victims suffered an average downtime of 21 days and needed an average 287 days to fully recover from encryption attacks.

According to the same report, the financial tolls are also racking up: U.S. victims paid $350 million in ransoms last year, a 311% increase over 2019, with an average payment of $312,493. 

According to the Institute for Security and Technology, those subjected to ransomware face a difficult choice. Paying brings no guarantee that cyber criminals will uphold their ends of the bargain, and not all hackers may even manage to successfully hand back the data, with threat protection solutions provider Emsisoft stating that issues in malicious code could inadvertently cause even some compliant victims to still lose their data.

Handing over funds also, of course, reinforces to cyber criminals that these are profitable attacks, perpetuating the problem. Victims may also be hit with fines by the Federal government should they pay ransom to bad actors who are on sanctions lists, and it is not always easily to quickly discern which perpetrators qualify.

But paying up sometimes feels like the better of two bad choices. It means critical infrastructure providers can restore services rapidly before loss of access to them causes serious damage. It also may be the relatively affordable option for smaller entities when weighed against the costs of rebuilding permanently locked-up systems, a Task Force convened by the Institute, reports. 

For more information, read our blog on preventing data breaches.

Why Should Local Governments Care About Cybersecurity?

Unfortunately, local governments have become prime, easy targets for hackers, due to the fact that they store significant amounts of data and have substantial budgets. With IT infrastructure that is often outdated and easy to break into, as well as employees who too often lack training on proper cybersecurity hygiene such as recognizing a phishing email and implementing password security best practices, local governments have become prime targets. 

In 2018, Atlanta faced a massive data breach when a remote hacker hit the city with a ransomware attack, stealing encrypted information and demanding a $51,000 payment. When the government officials refused to comply, they ended up losing millions in city funds as a result of the breach. In 2019, 22 communities in Texas were hit at once with an elaborate ransomware attack that shutdown their local governments and left constituents without public services for days. 

Governments that continue to hold out on improving their digital infrastructure will only increase their risk of being exposed as the number of ransomware attacks continue to grow every year. Failure to act comes with the risk of crippled services, exorbitant expenses to rectify a breach, or  leaving every department, business, and constituent at risk of having their personal information stolen and potentially lost forever. 

How Can Your Local Government Improve Cybersecurity? 

You may be feeling anxious that your local government is potentially exposed. Fortunately, a means to bring about necessary changes is coming. In March 2021, President Joe Biden signed the American Rescue Plan, which is providing Federal stimulus funds directly to town and city governments across the United States. 

The text of the bill grants funds to be used for infrastructure, meaning local governments can use the funds directly to ramp up IT technology and cybersecurity. The former Kentucky Chief Information Officer summed it up perfectly when he said, “the American Rescue Plan is an opportunity for leaders in state and local governments to shore up… vulnerabilities and position their organizations for the future.” 

Here are some of the ways your government can take action to improve cybersecurity and prevent ransomware attacks:

1. Begin using cloud-based technology

On-site servers are not only expensive to maintain, but are also considered some of the easiest for hackers to break into. Yet, thousands of municipalities continue to use them to store sensitive information. Using federal funds to move away from this antiquated technology towards cloud-based government management software will save money and make it significantly more difficult for a hacker to break in.

Cloud-based software does not require any on-site servers, meaning that once information like a permit is filed, it will automatically be saved by government management software and accessible to only those who are granted access.

Besmir Alia, GovPilot’s Chief Information Officer, notes that cloud-based technology such as GovPilot’s platform provides several advantages over on-site server systems: 

  • Centralized data is stored securely off-site with certified cloud providers.
  • Redundant, regular backups ensure data can be recovered from any point in time.
  • Automatic backups can be set every 15 minutes, hourly, daily, or monthly depending on the importance of the data. 
  • Backups enable the implementation of a strict business continuity policy. 
  • Modern Technology and Best Practices applied in the building of applications.
  • Scheduled updates of software, packages, plugins, and servers keep platforms secure.
  • Cloud technology providers focus on delivering quality through extensive manual and automated quality assurance (QA).
  • Upkeep and maintenance costs of cloud-based technology is far more cost effective.

Additional tips for improving cloud-based security can be found at the Center for Internet Security

2. Switch to a .gov Domain

Far too many local governments house their websites on a .org or .com domain, which is substantially less secure than a .gov URL. 

The Cybersecurity and Infrastructure Security Agency (CISA) recently announced that governments will no longer have to pay a $400 registration fee to acquire a .gov domain through the fiscal year. A .gov domains automatically include two-factor authentication for all users, as well as ongoing vulnerability monitoring, which means you have an opportunity to drastically increase website security for free! 

3. Encrypt Sensitive Information

Data encryption is the process of translating data into code so that only people with an access code or password can view valuable text, documents, or records. 

Data encryption is known as one of the top forms of cybersecurity, and means that even if a government laptop, mobile phone, or USB is stolen, the thief won’t be able to access the data inside. 

4. Encourage Use of Secure Passwords For All Employees

It’s unfortunate that some people still make their password “password.” Let your government workers know that in order to protect your precious data and network, they’ll need to use passwords that are elaborate and difficult to guess.

You should also encourage employees to change their passwords at least once every month or so, and make sure that they do not leave login information or passwords written down and left visible anywhere. 

5. Train Employees on Cybersecurity Hygiene and Identification of Phishing Emails

Phishing emails - in which an email might seem legitimate - but contains a malicious link that when clicked on, inserts a virus into the unsuspecting user’s computer, infecting it and the network it is connected to, is the source of many recent ransomware attacks. Phishing emails often look as if they are sent from innocuous looking email addresses, but with training, employees can learn to identify, and avoid opening suspicious emails or clicking on potentially harmful links or files. 

Services such as Knowb4 provide comprehensive and ongoing training that can help get staff up to speed quickly, and reduce the chances of your government being impacted by a cyber breach. 

Hiring younger, tech savvy workers who understand cybersecurity best practices and can help more senior colleagues navigate the challenges and risks of the new cyber risk landscape is another way to bolster employee cyber resilience. 

6. Utilize Two-Factor Authentication

Two-factor authentication, or identity authentication is a security feature which will send a computer generated numeric code to the cell phone or email address of the person associated with the login of a particular website or service who will then be prompted to enter the code sent to their phone, into a form field on the website or digital service before proceeding. 

This ensures that the person’s login credentials are aligned with their associated personal phone, or email address. 

What Are the Benefits of Government Cybersecurity?

There are many benefits to governments modernizing their IT technology and cybersecurity. 

Here are some of the benefits:

  • Top-of-the-line security: Ransomware attacks continue to be a threat for organizations around the world. With encrypted, secure IT infrastructure and important data backed-up by the cloud, your local government won’t have to worry about data loss. 
  • Improved efficiency: In addition to cloud-based software being more secure, it also improves government workflows and saves time. With government management software, important data is automatically saved and distributed to all relevant departments. No longer will clerks have to manually send important documentation over on a per case basis, with digitized forms saving one clerks’ office 40 hours a month in time.
  • Long-term savings: Improved IT infrastructure saves money in more ways than one. Cyber attacks have cost unprepared communities like Atlanta and Baltimore millions in recovery costs, so the up-front costs are well worth it to prevent a hacking disaster. Additionally, your local government will save money moving away from expensive on-site servers to a cheaper cloud-based system. Lastly, don’t forget how much money will be saved with improved workflows! That keeps more money in your governments’ budget and ensures that taxpayer money is being well spent. 
  • Constituent trust: taking the time to secure your data and to switch to a .gov website will certainly be noticed by your constituents. That equates to deeper trust in the local government and better civic engagement as a result. 

Government Cybersecurity: Final Thoughts

Overall, it’s clear that local governments must take action to improve their cybersecurity. Failure to do so can result in the loss of sensitive information and recovery costs in the millions of dollars. 

Do away with on-site servers, encrypt your data, implement .gov, and make the switch to cloud-based government management software so that your community and its precious assets are safe from even the most sophisticated hackers. 

To learn more about how to move your government to a secure cloud-based system, schedule a consultation. 

Book A Consultation

 

Local Government Cybersecurity FAQ

1. What is cybersecurity? 

According to DigitalGuardian, cybersecurity can be defined in simple terms as, “the body of technologies, processes, and practices designed to protect networks, devices, programs, and data from attack, damage, or unauthorized access.”

2. Why is Cybersecurity important for local governments? 

Unfortunately, local governments have become prime, easy targets for hackers, due to the fact that they store significant amounts of data and have substantial budgets. With IT infrastructure that is often outdated and easy to break into, as well as employees who too often lack training on proper cybersecurity hygiene such as recognizing a phishing email and implementing password security best practices, local governments have become prime targets.

3. How can local governments improve their cybersecurity? 

Local government leaders should consider several steps to improving cybersecurity including: deploying cloud-based solutions, switching to a .gov url, encrypting sensitive information, train and encourage employees to practice proper cybersecurity practices, utilize two-factor authentication. 

Tags: Cybersecurity, Digital Transformation, Blog