Ransomware Threatens Local Government Operations
PTI highlighted highly publicized ransomware attacks against energy infrastructure in its survey, but local governments remain very popular ransomware targets. The most common vector for a ransomware attack is email. An unsuspecting employee or contractor clicks on a malicious link and activates malware that seizes the systems to which it gains access.
“While it is relatively unsophisticated as cybercrimes go, these can shut down servers, expose data, paralyze 911 centers and interfere with traffic management systems,” reports Governing. Many cities operate with aging infrastructure, making them even more appealing targets.
The concern this year was so great that the FBI issued a private industry notification to the government facilities sector, warning local governments that ransomware could paralyze their operations.
“Ransomware attacks against local government entities and the subsequent impacts are especially significant due to the public’s dependency on critical utilities, emergency services, educational facilities, and other services overseen by local governments, making them attractive targets for cybercriminals,” notes the FBI notification.
The FBI strongly advises local governments to establish contingency strategies and continuity of operations plans for activation in the face of a ransomware attack.
Federal Grants Offer Some Relief for Local Governments
The federal government soon will publish grant guidance for fresh cybersecurity funding under the Infrastructure Investment and Jobs Act (IIJA). Local governments will receive 80 percent of those funds.
The FBI’s guidance serves as a handy checklist of references for local governments to begin determining where to spend this money. The FBI recommendations include:
- Update software and operating systems.
- Establish user training programs, particularly to counter phishing.
- Set strong password protection on accounts.
- Require multifactor authentication for services.
- Back up data to offline storage.
- Encrypt all backed-up data.
Officials responding to the PTI survey said “data backup, integrity and restoration” was their top specific cybersecurity priority. In 2022, 86 percent of them identified backups as their No. 1 cybersecurity concern, up from 54 percent in 2021. IT modernization and training also made the list of top five cybersecurity-specific priorities.
Government Cybersecurity Faces Procurement Hurdles
Most local government CIOs anticipate increased IT budgets in 2023, thanks in part to those federal grants, StateScoop reports. State and local governments continue to make technology expenditures with funding provided by the 2021 American Rescue Plan. The IIJA is set to provide another $1 billion in cybersecurity funding.
In the PTI survey, 51 percent of respondents shared their expectation that their IT budgets would increase between 1 percent and 4 percent, and another 33 percent said they expect increases of at least 5 percent.
The survey also found that “streamlining procurement processes” was a priority for local IT officials, but they felt they could do little to expedite expenditures with the high degree of routines and compliance requirements occurring in government culture.
Some localities enjoyed more rapid IT procurement during the heightened emergency period of the COVID-19 pandemic, and they have continued to explore means to acquire technology faster.
“While the response to COVID allowed for emergency orders to circumvent the usual processes, it remains to be seen if any lessons learned from these emergency periods will point toward permanent efficiencies that could be captured for regular procurement processes,” the PTI survey notes.
Meanwhile, more cities and counties are exploring automated administration processes and cooperative purchasing agreements to speed procurement.