US Cities Continue to Be Attacked: A Call for More Security & Modern Governance Strategies


JULY 2019

By: Mohie Ahmed

Attacks on U.S. municipal governments are growing, and it’s time to address this issue at the local, state and federal levels.

By putting higher standards in place, and fully securing access to the information systems of villages, towns, and cities in the U.S., we can protect against threats to privacy, safety, and democracy.

Baltimore is one of the more reported on events; the city was crippled by a massive ransomware attack that effectively from thousands of government computers, causing everything from payments for city services to disruption across other online services.

The cyber attackers responsible for the attack demanded $100,000in order to restore these systems. Baltimore City Mayor Jack Young has publicly stated that the city will not pay the ransom demand, but reports indicate the attack will ultimately cost the city more than $18 million.

According to 2019 Verizon DBIR report, ransomware accounts for nearly 24 percent of all malware-related attacks across industries. The demands are working, and the ransoms are growing. For example, a Beazley Group report indicates that the average payment in the first quarter of 2019 –$224,871 – has already far-surpassed 2018’s average of $116,324.

Cybersecurity research firm Recorded Future has been tracking the spike in attacks on state and local governments and listing details. At least 169 county, city or state government systems have been attacked since 2013, including at least 45 police and sheriff’s offices. Attacks hit 48 out of 50 states, as well as Washington D.C.

There have been 22 known public-sector attacks so far in 2019, which would outpace 2018, and that does not include attacks that are not reported until months or years after they’re discovered.

According to CNN, at the end of March 2019, NewYork’s state capital admitted it had been hit with ransomware and announced the attack the day it was discovered but downplayed its severity. Many of those problems were cleared up by the beginning of the workweek.

Law enforcement was targeted in Texas in March when the Fisher County sheriff’s office was infected and reportedly lost the ability to connect to a statewide law enforcement database.

Genesee County, Michigan, which includes the town of Flint, announced in May 2019 that it was finally ransomware-free after an attack effectively shut down the county’s tax department for most of April.

Attacks are carried out criminal gangs, as well as internal employees or contractors.

The US says two Iranians were responsible for the two most destructive municipal ransomware attacks in the US, which took place in Atlanta and Newark. The ransomware, called SamSam, successfully extorted more than $6 million in ransom, the Department of Justice said, and caused more than $30 million in damage.

Most recently, at the end of June 2019, even the phone system went down in the government of Lake City, Fla., after hackers launched a cyberattack that disabled the city’s computer systems.

According to CNN, for several days after computer systems were paralyzed by a ransomware attack, the staff of the small North Florida town worked with the F.B.I. and an outside security consultant to restore phone lines, email and online utility payments.

“But in the end, city leaders called an emergency meeting this week and reluctantly approved paying the hackers the ransom they demanded: 42 Bitcoin, or about $460,000,” the CNN report said.

It was the second city to agree to a large ransom in two weeks. Riviera Beach, in Florida’s Palm Beach County, signed off on a $600,000 payment last week, also in Bitcoin, a cyber currency that is difficult to trace.

Some lawmakers are calling to make ransom payments illegal –but tell that to a municipality frozen by attackers, and attacks that may cost $18M to resolve compared to a $100,000 ransom request.

What’s the real answer to this problem? More security in place, including access management solutions that protect what municipalities connect – learn more here.

Similar Blogs

Enterprise Risk Appetite Frameworks Should Include PAM

Enterprise Risk Appetite Frameworks Should Include PAM

Just as cyber risks evolve, the evolution of risk appetite frameworks is more active than ever. With more sophisticated adversaries, more digital transformation initiatives, more mobile works, ecosystem partnerships and connectivity to multiple clouds and services, enlightened management teams and their boards are updating their levels of “risk tolerance.”

read more