Posted by Tyler Chancey, GCFA on

Tyler Chancey is a seasoned cybersecurity professional currently serving as the Director of Cyber Security at Scarlett Cybersecurity Services, With a solid foundation in Computer Software Engineering from the University of Florida, Tyler holds a repertoire of certifications that underscore his expertise. These include the prestigious Microsoft 365 Certified: Enterprise Administrator Expert and Microsoft 365 Certified: Security Administrator Associate, showcasing his mastery in Microsoft's enterprise solutions. Tyler's commitment to comprehensive security is further evidenced by his CompTIA Security+ certification, demonstrating proficiency in core cybersecurity principles. Additionally, his GIAC Certified Forensic Analyst (GCFA) credential attests to his advanced skills in forensic analysis—an invaluable asset in today's complex cybersecurity landscape. Tyler's dedication to staying at the forefront of industry standards is evident in the active pursuit and maintenance of these certifications, making him a trusted authority in the field.

Municipal Ransomware Attacks

Most local governments are struggling with numerous ransomware incidents due to increased cybercrime. Cybercriminals target all the main infrastructures, making it easy for them to hack data from your organization. As a result, this attack can cause severe damage to your business. To prevent such attacks, here are some best practices for securing your municipal network:

The ways that the Municipal government can prevent cybercrime include making continuity plans and updating software regularly. Prevention also includes mentoring, multi-factor identity verification, offline backups, & encryption.

More than half of all attacks were aimed at municipal governments; they accounted for 55% of reported ransomware incidents in 2018. Since 2018, the number of ransomware attacks on companies worldwide has increased and reached a peak of 68.5 percent in 2021. The stats show the number of ransomware attacks increased worldwide from 2016 to 2022.

Many local governments and law enforcement agencies are looking for a solution to prevent cyber-attacks. This article will discuss the most common ransomware attacks many local governments face. Also the ways you can protect yourself from similar attacks by implementing modern data backup software. Let's dive in.

What Is a Municipal Ransomware Attack?

Municipal ransomware attacks mean that your local government computer networks have been affected by ransomware. Ransomware (per the FBI) is an attack where hackers encrypt essential files on your computer or mobile device and demand a ransom for them to be unlocked.

Municipal ransomware targets local government and public safety sectors. Unlike regular ransomware, it only encrypts files within a single computer or network. It doesn’t spread across other systems unless someone manually exploits a vulnerability in the local network.

Ransomware Attack: How Does It Happen?

Ransomware attacks occur when a hacker encrypts a computer's files and demands payment (a ransom) for their decryption key. The attack can happen anywhere a computer system is connected to the internet.

It results in devastating consequences for an organization. Ransomware spreads through email and social media links when security measures aren't taken quickly enough.

Why Municipal Governments Face Cybersecurity Threats

Cybersecurity threats are now a big concern for municipal governments. There are several reasons for this:

First, municipal governments are often seen as targets for cyberattacks. It is because they're considered "low-risk" for the hackers compared to other organizations, such as banks and hospitals.

Second, most municipal governments have limited budgets and resources. It makes it difficult to invest in precautionary cybersecurity measures. They may not have the money or resources to hire IT professionals or conduct regular audits of their systems and networks.

Third, many municipal governments don't understand how hackers can infiltrate their systems or networks.

Furthermore, they don't know how to prevent these attacks from happening in the first place. They may be unaware of the security risks associated with outdated software. The risks associated with hardware components on their networks and systems (which can put them in risky situations).

How Ransomware Affects Local Government

First of all, there's the threat of data loss. Losing valuable data can make it difficult for a local government to perform its duties. It means that when ransomware hits a local government agency, it can significantly impact that agency's ability to function and deliver services.

In addition, it affects the ability of local governments to communicate with the public. When a city's website goes down and can't provide information about what's happening, people will naturally be concerned about whether they should stay in their homes or leave town. It can lead to unnecessary panic and confusion.

Malware can damage an agency's reputation if the public discovers that its services are unavailable. Ultimately, this could increase cybercrime.

Analyses of Local Government Ransomware Attacks

What does it look like when hackers use ransomware to attack cities, police departments, or school districts? Here are some recent attacks and how much damage they did.

1. City of Detroit

In 2014, 35 state and local governments said ransomware was causing trouble. This number isn't vast, but it's also not very small. Because in the same year, someone infected some of the city of Detroit's computer files and then asked for $800,000 from the city. The city, however, refused to pay because the encrypted information was stale.

2. Atlanta City

A case study reveals that the Atlanta ransomware attack has impacted many people. Atlanta is the most recent victim of ransomware attacks. Hackers gain access to computers, grab files, and block off users until a ransom is paid. Even though the attack is not new, its sheer size and scope are still shocking.

It's been reported that at least 300,000 computers were affected by this attack. In 2016, the FBI got more than 2,600 complaints like this. The City Of Atlanta ransomware attack is thought to have been done by a group called SamSam. This year, they earned more than $1 million from 30 different groups.

FBI officials say paying hackers extortion money gives them more confidence. It does not even guarantee they will return stolen information. The people in charge in Atlanta haven't said if they paid the $51,000 ransom to avoid a bad image.

3. Government Agencies

According to the study, 44% of all observed ransomware attacks against municipalities in 2020 were directed against councils. The analysis detected and analyzed 71 global ransomware cases in the previous 12 months.

Between 2018 and 2019, the percentage of a cyberattack on educational institutions increased from 6% to 15%. As a result, ransomware attacks in the healthcare industry have increased by 2%, from 21% in 2019 to 23% in 2020.

Logistics-related cyberattacks are also becoming more common. Since late July, six noteworthy ransomware assaults have been investigated. In the cases reviewed, 14% were proven to have paid the ransom, with the average amount being around £1.26 million.

4. Baltimore, Maryland

Hackers in Baltimore, Maryland, used RobbinHood ransomware to shut down most of the city's systems in early May 2019. The Baltimore Sun reports that most city servers were taken offline due to the attack, although 911 and 311 systems were not affected.

At the time of the Baltimore attack, the culprits sought a ransom of 13 bitcoins, approximately $76,000. A ransom note was left on a Baltimore computer warning that the city would lose its computer systems if it did not pay the ransom.

See Also:

A Rise in Local Government Ransomware Attacks

Ransomware attacks are on the rise, straining local US governments and public services
across the country. According to estimates, 60% of all organizations experience ransomware attacks yearly. This estimated percentage is increasing because cyber criminals have developed advanced ways to attack local municipal governments.

In 2018, the (NCCIC) reported over 450 ransomware incidents in the United States, a 30% increase from 2017. The NCCIC also found that governments were among the most targeted sectors in 2018. Over 70% of incidents targeted government entities and organizations.

In addition, it’s important to note that local governments are especially vulnerable due to their reliance on technology and data management systems. These attacks can devastate local government operations, which rely on technology to deliver services to constituents and ensure transparency and accountability in their operations.

See Also:

How Can Local Governments Prevent Cyber Crime?

Preventing cybercrime is challenging. According to studies, only 38% of state and local government staff have received training on ransomware protection. Cyber security solutions for local government can prevent many of these crimes by taking the following steps:

Hire or Outsource to a Cyber Security Professional

It's important that you have someone on staff who is focused on keeping your systems secure. However, if you don't have in-house staff dedicated to cyber security services, you can outsource these services to a reputable cyber security firm.

A cyber security expert will have the skills and knowledge to stop many cyber attacks. They will ensure that your systems are up-to-date with the latest security patches and have the proper security measures in place.

In addition, they can provide you with incident response services in the event that you do experience a ransomware attack.

Protection against Fraud

If a city or town wants to stop a cyberattack, it should focus on educating its employees. Ensure all employees are trained to identify and report suspicious activities or behavior. In 2019, a Florida beach town lost $600,000 because an employee clicked on an unknown link.

Cybercriminals can get into local government data through hacked emails, phishing scams, decoded malware, and weak passwords. It's good news that most of them are preventable with proper employee education. Educate all employees in your firm about these security traps.

Weak Passcodes:

A strong password is essential to protect your sensitive online information. Using a single password for several websites is unsafe. It is because simple passwords are too easy to crack based on social profiles and personal information.

Data Backup:

Backing up sensitive and critical data is the first defense against a powerful ransomware assault. If IT professionals regularly backup their data, there is no reason to pay the ransom during a ransomware assault. Local governments should strive toward data backup procedures like those used in the private sector.

Inadequate Controls:

Not all municipalities have the means to implement necessary protections. Systems that store sensitive information such as payment information, social security numbers, and other personal information should be controlled. So that only authorized users can access it.

Protection Against Phishing Scams:

Ten years ago, it was easy to spot phishing emails because of their poor spelling and grammar. They used to have incomplete sentences and unclear instructions. Phishing assaults today closely resemble authentic emails from internal & external sources.

Phishing attacks and social engineering-based attacks are the most typical ransomware technique. Hackers use fake email addresses that pretend to be from coworkers or management. Malware like this spread when employees open compromised attachments or click on malicious links. They are sent by hackers in emails.

A combination of educational and technological solutions is needed to combat these infections. Private sector mechanisms offer these solutions. Providing practical and relevant cybersecurity education is a significant challenge for many local government agencies.

There is a difference between the educational policies of the local government and those of the private sector. In many large private companies, especially those that collect sensitive data, cybersecurity training is encouraged for staff members.

Payments Fraud and Cyber Security

Local government agencies usually take a lot of payments, like taxes and utility bills. It makes them prime targets for cybercriminals. Payments fraud has become an increasingly common problem for businesses of all sizes. The biggest reason for this? Fraudsters are getting better at finding ways around existing security measures.

It means that if you're not proactive about preventing it from happening, you could be putting your business at risk of financial loss. It is also vital to educate your residents to avoid payment scams. Cybercriminals frequently use emails to deceive clients into making a payment on a malicious site.

Advise residents only to use official websites & payment services to make payments. Inform them to notify your company directly if they suspect a website or email. Email fraud has become considerably more advanced in recent years, as it is much better at appearing real. Be suspicious if someone or an organization asks for a wire transfer, even if you know them.

Cybersecurity Skills Gap

It's no secret that government cybersecurity skills are lacking. Businesses have been dealing with this issue for years, and it only seems to worsen. Let's explore why the gap exists and how it could be closed.

The municipal sector is typically small in the overall business landscape and has limited resources. Due to this, they can't hire cybersecurity experts or implement best practices to protect their systems from hackers. Therefore, they become more vulnerable over time due to these threats.

Most municipalities depend on IT departments to handle their day-to-day operations. They include responding to emergencies and tracking missing children. Municipalities need highly trained cybersecurity professionals to keep their systems safe from hackers.

The best way for municipalities to mitigate these risks is through effective communication between their digital security staff and constituents or GSA-Scheduled government cybersecurity service provider. Those communications should explain which types of information are vulnerable to cybercriminals and how to guard against those vulnerabilities (e.g., password management best practices).

Ways to Combat Cybersecurity Gaps

There are four ways to combat security gaps:

  1. Enhance automation and integration
  2. Be open to outsiders
  3. Educate and improve awareness
  4. Embrace the shortage of cybersecurity skills

Local Government Cybersecurity Policies

It's no secret that local governments are feeling the pressure of increased cybersecurity. But what can they do? How can they protect themselves? Here are some key cybersecurity policies for local governments:

Cybersecurity Insurance - Importance

This year 30 % increase in cyber rates was reported by the Local Government Insurance Trust. It's becoming complex and expensive for municipal governments to protect themselves from cyberattacks.

Cyber insurance can cover the costs of a data breach and recovery for many local governments to protect against such invasions. As a municipal government official, it's important to remember that you're dealing with taxpayer funds. If you lose the support of the people in your area, you may have trouble passing tax hikes and expanding the budget.

A growing number of government cyber security breaches highlight the importance of implementing effective security measures for all organizations. Educating employees about proper security procedures is a good start. However, cyber liability insurance is also important because it protects your company after a severe loss and allows it to reopen.


In this article, we shared tips on how local municipal governments can prevent cyber-attack. We also highlighted some areas in which local governments are especially vulnerable. It is vital for all organizations to be aware of the threat of cyber-attacks, regardless of their size, and how this threat is reduceable by taking simple steps toward better cyber security for local government practices.

As the world grows more digital, the threat of cyber-attacks will only continue to grow. Be sure to stay ahead of the curve by implementing the tips shared in this article. 

If your institution is a victim of cybercrime, contact us today for a consultation regarding government cybersecurity solutions and IT services.

Share this

Related Articles

Learn the Three Rules of HIPAA: Essential Guidelines for Security and Privacy

Ascension hospitals investigating possible data breach after suspected cyberattack disrupts clinical operations

Cyberattacks in the Healthcare Sector: Threats, Impact, & Mitigation