Public Sector Cyberattacks Have Consequences
State and local cyberattacks can impact emergency services, such as 911 systems, police and fire departments and county hospitals vulnerable to operational disruption. An attack on various systems can force first responders to use manual procedures, while emergency responses may be delayed, causing patients to lose lifesaving services when they need them most. And a ransomware attack on a hospital could disrupt critical care to the health system’s most vulnerable communities by hindering operations until a ransom is paid to the hackers.
Further, the disclosure of sensitive information during cyberattacks can create multiple security risks, including identity theft and extortion.
These threats are not limited to healthcare; critical infrastructure sectors such as water systems and telecommunications have also faced significant cyberattacks, highlighting the widespread vulnerabilities across essential services. Among recent incidents are the American Water Works breach and a claimed attack on a Tipton West Wastewater Treatment Plant in Indiana by a nation-state hacking group. The FBI and the Cybersecurity and Infrastructure Security Agency have also warned that foreign hackers have gained access to networks at multiple telecommunications companies with the aim of stealing customer call records data.
DIVE DEEPER: Secure OT and critical infrastructure in a changing threat landscape.
These attacks can be especially crippling when local governments are already grappling with budget shortfalls. If tax collection portals and business license processing systems go offline due to a cyber incident, municipalities lose vital revenue streams and resources that they need to respond and recover. It's critical to understand the potential costs of remediation, which can range from thousands to millions of dollars, highlighting the importance of having a cyber resilience plan.
Hackers Are Targeting Backups as Their First Move
Attackers understand that destroying or encrypting these outdated backups gives them complete control, so these are now included in ransomware attacks.
Agencies and organizations suffer long-lasting damage from cyber incidents when attacks damage backup systems, forcing them to pay a ransom to restore their data and operations.
DISCOVER: CISA’s John Bryant talks about free cybersecurity services for critical infrastructure.
Cyberattacks Are Inevitable, But Disaster Isn’t
Government agencies can build cyber resilience by implementing immutable backups, integrating threat detection and continuously testing and improving recovery processes. These tactics should align with government security frameworks, such as the National Institute of Standards and Technology’s Cybersecurity Framework 2.0 and zero-trust models to strengthen security and compliance. For example:
- An immutable backup system should be a vanguard tactic in any cyber resilience strategy because it can’t be altered, deleted or held hostage by ransomware or insider threats. Immutable backups hinder attackers from altering or deleting saved information, ensuring data integrity.
- Threat detection and response should also be deployed. This tactic requires integrating real-time threat scanning into backup systems to identify and isolate malicious activity, preventing the restoration of compromised data.
- Further, data integrity can be maintained during backup and recovery by employing regular backups and automated verification, as well as redundancy and security measures. These strategies ensure the data is accurate, complete and ready for timely restoration.
- Readiness depends on regular anomaly detection of backup systems, as well as restoration process testing and incident simulation. This helps identify potential problems ahead of time, which improves backup reliability and rapid data restoration capabilities during system failures or data loss events.
These tactics also decrease the time organizations need to respond to cyber incidents.
As Cybercriminals Evolve, So Must State and Local Cyberdefenses
Relying on legacy backup systems is no longer just risky, it’s an open invitation for attackers to disrupt government and infrastructure operations and erode public trust.
Beyond implementing technical measures, a cyber resilience strategy should cultivate awareness and foster collaboration, enabling staff to exchange best practices and resilience techniques.
With cyberattacks on the rise, government organizations must act swiftly and plan ahead. Proactively modernizing outdated systems, establishing robust data backup and recovery protocols and nurturing a security-conscious workforce will strengthen defenses against evolving threats. These actions are vital for safeguarding public health, safety and trust, today and in the future.
The views expressed in this article are those of the author and do not necessarily reflect the official policy or position of Rubrik. This article is for informational purposes only and does not constitute business or legal advice. Organizations should consult with legal and compliance professionals to ensure their cybersecurity strategies meet all applicable federal, state and international requirements.
