Over the last year, we have seen a shift from private companies to municipalities and governments as targets for ransomware and breaches. The most notable cyberattack came in March when the City of Atlanta fell victim to a massive breach. The breach affected thousands of residents, and the financial consequences are still piling up, with the latest figure reaching nearly $17 million.
Why Cybercriminals are Targeting Municipalities and Governments
Why are cybercriminals targeting municipalities? The answer is pretty simple: money. Private companies often have deep pockets to increase their cybersecurity budgets and respond to the ever-changing cybersecurity risks. However, municipalities and governments often have strict budgets and lack the flexibility with their funding to provide the cybersecurity protection needed.
Aside from money being an issue, municipalities and governments are soft targets. They are meant to have open systems and encourage their users to come to their website and use the utility payment systems. Schools want their parents to be able to access school board minutes. However, many of these services offered are on unsecured websites; making them extremely vulnerable to any kind of malicious attack.
Perhaps the biggest problem, next to the lack of funding, is an issue we addressed in a previous article: the lack of information security professionals. As private companies have much deeper pockets, they are able to pay for the best in the business. Simply put, there isn’t enough talent nor is there enough money to provide each town, city, and state with a highly qualified information security expert.
Cities Turn to Cyber Insurance
As mentioned previously, Atlanta is facing a $17 million bill. What we didn’t mention is the bill is going to paid from a luxury tax placed on city taxpayers. In another ransomware attack, the Colorado Department of Transportation spent $1.5 million cleaning up their mess. Over the last year, 15 percent of ransomware attacks have been targeted toward municipalities and governments. It should come as no surprise that these entities are looking to protect themselves financially, should they fall victim to a cyberattack.
Most recently, the Houston city council agreed to spend $471,000 on cyber insurance. However, these policies often have limits on what’s covered and how much they cover.
“They offer lower limits - $500,000 to $1 million – covering the basic exposures of first party damage, a sublimit for ransomware – maybe $25,000 to $100,000 – and at least third party or personal identifiable information limits between $500,00 and $1 million,” said Thom Rickert, vice president and emerging risk specialist of Trident Public Risk Solutions.
While these figures will certainly cover a smaller attack like the Colorado Department of Transportation, a city that incurs a major attack like we saw with Atlanta will still be facing a massive financial burden.
What Solutions Municipalities and Governments Can Implement
Unfortunately, municipalities and governments have the same problems the private sector faces. There really is no solution that is 100 percent effective. There is no solution that is going to keep your company or city completely safe from a cyberattack. As long as there are employees that could click on a malicious link, or make a poor decision with their use of technology, there will be successful cyberattacks. With that being said, there are ways to effectively fend off cyberattacks with the proper knowledge and training.
First, never assume any email security gateway is sufficient. While they repel many threats and spam invasions, they are not adequate to block targeted social engineering attacks such as spearphishing. Second, the IT staff and employees cannot fend off attacks on their own. While the IT staff should know a lot about email threats, they are usually not email security experts and certainly don’t have the time to review all the suspect emails that come to every employee. No matter how much training you give to your employees about the dangers of phishing campaigns, it will never be enough for today’s click-happy and distracted culture.
What municipalities and governments should investigate is outsourcing their information security. This can provide massive benefits as you have a cybersecurity expert who is constantly monitoring your business and can be cost-effective compared to hiring an in-house information security professional, who may have limited experience.
At WatchPoint, we offer a Layered Security approach to help keep your business, municipality, or government safe from cyberattacks. Layered Security involves using multiple defense layers to slow down and prevent potential security breaches. WatchPoint combines the best of all layered security practices in one comprehensive package to protect you from each type of threat. Contact WatchPoint today to learn more.