Government Data Breach Prevention 2023: Preventing Data Loss & Leaks

By Harrison Kelly
 

Government data breaches pose one of the largest threats for US government entities in 2022 and beyond. As geopolitical tensions rise between Russia and the West, targeted cyber attacks against federal, state, and local governments are increasingly likely. In fact, the FBI recently warned that ransomware is straining local government services, as local governments are favorite targets of hackers, second only to academic institutions.

Given this, how do you prevent a cyber attack on your municipality? And what happens if a data breach occurs? 

Explore this guide for insights into the true costs of a government data breach with real life examples, precautions to take in your locality, and how to immediately respond if a breach occurs in your community. 

What is a Government Data Breach?

A government data breach is when private data belonging to a public sector entity is accessed by external forces without authorized permission. Oftentimes, hackers will intentionally trick government workers into unknowingly granting them access to top secret government data. In other instances, unintentional mistakes can lead to private data being made public.

When a data breach occurs due to a hack, the sensitive data is frequently withheld from the government entity unless a hefty ransom is paid. Stolen data can include information about your government affairs, constituents, or private sector partners, meaning it is of the utmost importance to prevent government data breaches from occurring.

Real Life Government Data Breach Examples

Governments of any size are at risk of being hacked. National governments around the world have been hacked, including the United States. State and local governments have experienced major ransomware attacks in which breached data turned into lost data.

Here are some real life examples of government data breaches, and lessons to be learned for your local government:

Government Data Breaches At the Local Level

Local government data breaches are becoming much more common because hackers know that many municipal and county governments are using antiquated information technology systems. 

Here are a few examples of local government data loss events that occurred as a result of antiquated cybersecurity protocols: 

1. Atlanta declines to pay a ransom for stolen government data, fix costs millions in city funds

A 2018 remote ransomware attack against the city of Atlanta’s obsolete computer networks left multiple local departments using pen and paper for more than a week. After a remote hacker broke into the system and the city refused to meet the hacker’s demand for $51,000 in Bitcoin, the city incurred up to $17,000,000 in costs directly related to the attack and its resolution. Note: if compromised, the FBI recommends NOT paying the ransom.

The lesson for your local government: Don’t wait for a cyber attack to strike to upgrade your local government IT systems. If you’re still using physical on-site servers, you’re giving hackers an incentive to target your computer systems and exposing yourself to the possibility of losing critical government data and records forever and/or being extorted for millions of dollars. Upgrading to the cloud ensures that you’re up-to-date with government cybersecurity protocol and have guaranteed data storage back-up of critical data. 

Learn more in the guide to Government Data Storage: In-House vs Cloud Servers.

2. 22 townships in Texas were hit with a coordinated ransomware attack

If you’re working for a local government in a small township, don’t think that means you won’t have to worry. Russian hackers targeted small towns across the state of Texas, preventing constituents from paying water bills, the governments from processing payrolls, and government workers from accessing critical data.

As it turns out, in the middle of the night in Texas, Russian hackers across the world “were burrowing into networks,” leaving encrypted messages to let local townships know they’d been hacked. The state-wide hack occurred after a private firm connecting Texas communities with a statewide law enforcement database was breached.

The lesson for your local government: Be thorough and careful about private-sector partners you associate with and provide critical constituent data to. When deciding on technology partners, be sure to enquire about their IT protocols and measures to prevent cyber attacks. At GovPilot, we’re constantly embracing the latest IT technology and methodology meant to deter cyber attacks and secure data. In 2021, GovPilot hired Robin Smith as Chief Operations Officer (formerly Microsoft, S&P Global Development Manager) to prioritize cybersecurity best practices and modern IT infrastructure. 

3. Fresno, California lost more than $400,000 as a result of a phishing scam

In a phishing scam, a hacker posing as a real contractor working on a public building invoiced the city for $400,000. The hacker used the contractor's letterhead and changed only the account number, and a city government employee approved the payment and sent the hacker taxpayer-funded dollars.

The lesson for your local government: cybersecurity training for local government workers is critically important for preventing government data breach events. In the situation above, an employee made an honest mistake that could’ve been avoided with proper training on phishing scams. To learn more about how to train government workers against cyber attacks, read the Local Government Cybersecurity Training: What to Teach guide.

Government Data Breaches At the State Level

1. Texas Comptroller’s Office Costs State Millions & Constituents Their Private Data

Government data breaches aren’t a new phenomenon. Back in 2011, more than 3,500,000 Texans’ names were publicly displayed along with their social security numbers on the Texas comptroller's website for a year until the data breach was caught and addressed.

While Texas law requires that private government files be encrypted, the names and private information were leaked as a result of protocol not being followed. Files submitted from the Teacher Retirement System of Texas, the Texas Workforce Commission, and the Employees’ Retirement System of Texas to the comptroller's department were not encrypted, leading to the public display of constituents’ most private information.

Millions were spent in notifying constituents that had their information leaked, working with IT consultants to alleviate issues, and in lawsuits with enraged constituents that were affected.

The lesson for your local government: protocols are in place for a reason. Failure to follow protocol stems from the top, meaning municipal and county leadership needs to keep a keen eye on employees to make sure cyber security measures are being met (unless they want to face harsh criticism from the public when a cyber attack occurs).

2. Data breach in Georgia’s Secretary of State Office exposes 6,100,000 constituents’ private data

In 2015, a government data loss event known as the #PeachBreach left more than 6.1 million Georgian constituents with their personal information exposed, including “voter’s birthdates, driver’s license numbers, and social security numbers.”

The government security breach came as a result of the accidental inclusion of sensitive information in a document regularly distributed by the office to various organizations. Once again, sloppy protocol allowed a lower tier government employee to let private constituent data slip through without internal systems catching the issue. 

The lesson for your local government: documentation being distributed by your local government to the public needs to be reviewed internally as a cyber security measure, even for documents released / updated on a weekly basis. If not, an ordinarily innocuous process could result in personal data of your local government and / or constituents being released to the public.

Government Data Breaches At the National (and International) Level

1. Chinese hackers steal passwords to access US defense and technology firms

Chinese hackers managed to steal passwords from U.S. firms working with the federal government to steal critical and sensitive information about the inner workings of United States defense technology contracts. 

By December 2021, the number of suspected targets reached five, with hundreds of other companies posing similar data breach risks at the hands of foreign entities like China and Russia.

The lesson for your local government: Encourage government workers to use convoluted, difficult to guess passwords (like the Google generate a password feature) so that your local government isn’t at risk of a data breach as a result of a stolen password. Make sure passwords are changed regularly and updated from initial generically assigned passwords like ones an IT department might set up on a computer for a new employee.

2. 2022 Cyber Attack on Israel government websites - thought to be the largest in the country's history!

Just days ago in March 2022, the Israeli government faced what may be the largest cyber attack against it to date. In what’s known as a DDoS attack, Israeli government websites, including those of the Ministry of Defense and the Ministry of the Interior, were inaccessible for several hours before being restored.

In the past, Iran has been linked to Israeli cyber attacks, though the culprit for this data breach has not yet been confirmed. 

The lesson for your local government: Russia isn’t the only threat you need to be worried about. Threats from geopolitical enemies like Iran and China pose a major threat, and hackers can even be in your own backyard here in the US. (In fact, the Atlanta attack mentioned above is speculated to have come at the hands of an Iranian hacker.) Be wise about who you’re sharing critical data with, especially when communicating with people outside of your region (and especially if it’s international!)

How to Prevent Government Data Breaches?

The honest truth is that cyber attacks will remain an ongoing issue for years to come. As hackers grow more advanced in their techniques, communities that fail to prepare for cyber attacks are preparing to fail. 

Here are some ways to mitigate the risk of a local government cyber attack:

1. Spend Federal Grant Funds on Improving Digital Infrastructure

The federal government has approved billions in grants for local governments to improve their digital infrastructure via the American Rescue Plan Act and the Infrastructure Investment and Jobs Act. Both bills allow local governments to allocate funds towards preventing data breaches by improving broadband infrastructure and embracing cloud-based government software.

2. Double Down on Your Local Government IT Department

In addition to recruiting great government workers to manage your community’s information technology systems, you’ll need to have an organized IT ticketing strategy to ensure bugs in the system and / or potential cybersecurity threats don’t go unnoticed. 

With government management software, IT ticketing is an automated process, where tech issues from other government departments are automatically timestamped and added to the IT ticketing software module for easy accessibility. With GovPilot, municipal workers in Atlantic City reported that the time to respond to a tech issue dropped from 48 hours to just 7 minutes.

Avoid Using Physical On-site Servers for Storing Government Data

Physical on-site servers for data storage are obsolete and are prime targets for a cyber attack as a result. They are also prohibitively expensive to maintain - especially for small to mid sized local governments who will have to continuously maintain and protect equipment from cyber threats and physical threats like fire and floods which can cause just as devastating loss of data and services. With the cloud, your data is automatically backed up on a regular basis, meaning you’ll never have to fear the permanent loss of your government data. Cloud providers regularly push system updates and upgrades meaning your government management platform will be as modern and secure as possible.

3. Regularly Train Government Workers on Cyber Security Protocols

Phishing scams affect people that are caught off guard every single day. Government workers using ‘12345’ or ‘password’ as a password give hackers a chance to break into your local government with just a few guesses.

In order to prevent an embarrassing and expensive data breach in your local government, you’ll need to offer annual cyber security training that explains how to prevent data breaches and why this training is growing more important year by year.

Local Government Data Breaches - In Conclusion

Clearly, whether you're a representative of a major city or a small, local government, data breaches as a result of cyber attacks pose a threat to your community. To prevent the loss of critical data and / or millions of dollars at the hands of a ransomware attack, you’ll need to be proactive instead of reactive in adopting secure digital infrastructure. Consider automating IT ticketing for fast internal IT issue reporting and resolution. To learn more about upgrading to a unified, secure government management platform, book a free 15-minute consultation today!

Government Data Loss Prevention FAQs

What Are The Best Protocol Measures for Preventing a Government Data Breach?

At a high-level, here’s how you should be preventing cyber attacks from striking your local community:

  • Offer cybersecurity training
  • Use cloud-based software
  • Hire qualified IT officials
  • Use IT ticketing software
  • Ensure private sector partners are using cyber secure networks 

How Much Does a Government Data Breach Cost?

A government data breach can cost tens of thousands if you opt to pay a ransom. (It is recommended that governments NOT pay.) Recent hackers that stole government data from Atlanta and Newark demanded between $30,000 and $51,000 in Bitcoin for the safe return of government data.

If data is lost for good, it can cost millions to recuperate your losses. After Atlanta decided not to pay their ransom, the speculated cost for the city government was upwards of $17,000,000 in taxpayer dollars to repair and secure systems.

What Are Common Government Data Breaching Tactics?

A few of the common ways governments are hacked into according to cyber security threat intelligence include:

  • Hacking private sector partners to gain access to public sector data
  • Phishing scams sent to government workers
  • Breaking into antiquated physical servers with easy points of entry for a sophisticated hacker

How to Respond if Your Local Government Data is Breached? 

You’ll need to work with state and federal officials to overcome a major data breach. Federal departments to contact include your local FBI office, the Secret Service, and the Internet Crime Complaint Center.

In the instance that a hacker demands a ransom for the return of lost government data, you’ll need to weigh the pros and cons of meeting (or not meeting) their demands. Not paying the ransom can result in spending millions of taxpayer dollars to alleviate the situation. If you do pay, however, you send a message to other hackers that if they successfully breach your data, they can expect to receive payment. The FBI recommends NOT paying the ransom.
