Ransomware attacks are hitting local governments. Here’s how they can fight back.

pexels-markus-spiske-113850

Ransomware attacks are hitting local governments. Here’s how they can fight back.

“The odds of a municipality becoming a cyber victim are one in four,” one cybersecurity expert said.

The emails showing up on office computers asked about a recent Amazon order. Local government employees in various South Jersey towns were told to click to see the status of the order.

“And most people will click that,” said Lou Romero, a cybersecurity expert. “And my question is, ‘Did you order anything on Amazon? [No.] Then why are you clicking on it?’”

But had such an email come from a malicious source, a municipality’s whole system could have been compromised. The town’s ability to function could have been held hostage for a ransom. Romero has seen it happen.

Ransomware has targeted more than 70 local and state governments so far this year, according to a report by researchers at Barracuda, an IT security company. Among those hit were municipalities in Florida and Texas, and Baltimore, where hackers locked away critical files. Baltimore didn’t pay the ransom, but officials said the attack will cost the city $18 million. In July, the U.S. Department of Homeland Security partnered with national groups to urge governments to take advantage of the best practices and resources to protect themselves.

“These evolving and sophisticated attacks are damaging and costly,” the Barracuda researchers wrote. “They can cripple day-to-day operations, cause chaos, and result in financial losses from downtime, ransom payments, recovery costs, and other unbudgeted and unanticipated expenses.”

Because most municipalities don’t have millions to spend on cybersecurity the way big corporations do, they can be easy prey, Romero said. Several local governments in the region, wary of attacks, declined to talk about their cybersecurity strategies.

“The odds of a municipality becoming a cyber victim are one in four,” said Romero, a consultant for 64 South Jersey municipalities. “So it’s not a matter of if, it’s only a matter of time.”

It’s not that municipalities are being attacked by ransomware more often than individuals and corporations, said Eric Cornelius, chief product officer for BlackBerry’s Cylance, which sells cybersecurity software and services.

“It’s that everyone is being attacked by ransomware more often,” he said.

But attacks against local governments can keep them from delivering a variety of vital services to thousands of residents.

In cybersecurity, local governments are playing catch-up

An employee at a maintenance yard in Haverford Township, Delaware County, got an email with a subject line that seemed off. But it was just enough to be a tease. The worker clicked it.

“And that’s all it took,” said Rick Maclary, the township’s IT director.

A message popped up saying that someone had the computer’s files and the township had to pay a ransom to get them back. The office didn’t store vital information, but when Haverford didn’t pay the ransom, the employee lost contacts and about a month’s worth of data, which the township had not backed up. That was about six years ago.

“That’s when we really learned our lesson that we had to get more serious” about cybersecurity, Maclary said.

Cyberattackers aim to hold systems hostage so local governments can’t operate until they pay a ransom — they are called “denial of service” attacks.

Two years ago, Romero assessed more than 200 small- and medium-sized municipalities in New Jersey. More than 85% had poor password policies, such as allowing fewer than eight characters, not setting expiration dates, or not locking accounts after failed password attempts. Only 4% had any type of cybersecurity awareness training. Municipalities are far behind the private sector, even though ongoing attacks have spurred improvements among the New Jersey towns since 2017.

Attackers, too, are getting more sophisticated, even sending emails that are specific to departments, said Jerry Mascia, Mount Laurel’s superintendent of public works. For example, the permitting department will get an email that says, “Attached is my application to erect a fence.” But it’s malware that infects the municipality’s system once someone opens it.

The challenge for municipalities is figuring out how to maximize their IT security with limited budgets, Romero said. Many local governments don’t have dedicated IT departments and don’t have the resources to attract skilled IT staff, cybersecurity experts said.

‘Cyber hygiene’: Invest in systems, training, and policies

“They are better off spending the money on good-quality cyber hygiene than spending the money and giving it to the lawyers or ransoms,” Romero said. “Cyber hygiene” includes identifying vulnerabilities, using layers of encryption and fire walls to protect data, creating plans to prevent and react to attacks, and keeping up with the latest security patches and system upgrades.

Three municipalities that Romero works with decided to band together and pay a local high school, which has strong cybersecurity, to handle their IT needs.

Cornelius called cybersecurity “the cost of doing business in a digital world.”

“It’s important to realize security is a journey, not a destination,” he said.

He said municipal IT employees often inherit “Frankenstein” systems that are built piecemeal, and the lack of cohesion makes these systems difficult to defend.

Employee cyber training also is necessary. Haverford tells its workers not to use personal emails on township computers and relies on software that scans emails for suspicious behavior before employees see them, reducing the chances that a worker will click something dangerous. The IT department trains workers not to click on suspicious emails and to report them.

Although training is helpful, municipalities shouldn’t rely on it, said Cornelius, who said that over the last two decades, he has engaged in “a highly unsuccessful effort” to teach people not to click suspicious links and emails.

“One always gets clicked,” he said.

Municipalities should develop plans for how they’ll restore services if someone is holding their systems hostage. Few have them, Romero said.

Back up files and stay vigilant

A couple of years ago, Romero was surprised to find that a small South Jersey municipality was backing up its files only every three months, instead of every day, as experts recommend. It turns out that an employee was copying the files one-by-one onto a thumb drive. He showed her how to copy all the files at once.

When Romero advises government officials, he tells them, “Your backups are your lifeline.”

Haverford has taken its lesson to heart, backing up important information every few hours. Local governments also keep track of the periodic warnings the Department of Homeland Security shares about emerging cyberattacks.

“It’s scary the way it is,” Maclary said. “You just can’t trust anybody electronically anymore. You can’t let your guard down.”

Leave a Reply

Your email address will not be published. Required fields are marked *

Related posts

Workers' Comp

2025 Workers’ Compensation Trends: What to Expect

As the workforce continues to evolve, workers’ compensation is at the forefront of addressing new challenges and opportunities. By 2033, nearly one in four U.S. workers will be 55 or older, as reported by the Bureau of Labor Statistics (BLS). This marks a significant increase from just over 15% in 2003. The aging workforce brings new complexities, including a rise in chronic health conditions, comorbidities, and longer recovery times following workplace injuries. At Skyscraper Insurance, we understand that these trends require adaptive strategies. Tailored safety programs, ergonomic solutions, and a focus on preventive care and health maintenance are vital to ensuring the health, productivity, and safety of older employees. These measures don’t just mitigate risks—they also create a supportive and efficient workplace environment. In parallel, advancements in technology are revolutionizing the workers’ compensation landscape. Innovations like artificial intelligence and telemedicine are enhancing the customer experience, from streamlining underwriting and claims processes to providing injured workers with immediate access to medical professionals. The rise of the gig economy further underscores the need for dynamic, tech-driven solutions to keep pace with an ever-changing workforce. The importance of risk management is also reflected in recent executive surveys. In 2024, 23% of global executives identified employee risk as their top concern, surpassing all other business risks. Additionally, 42% believed they were operating in a high-risk environment, a notable increase from 31% in 2023. This sentiment highlights the growing recognition of the need for proactive and comprehensive workers’ compensation solutions. Looking ahead to 2025, businesses should prepare for potential shifts in workers’ compensation costs. Factors such as wage inflation, increased claim sizes, and market dynamics may lead to rising premiums despite a softer market. At Skyscraper Insurance, we are dedicated to helping businesses navigate these changes effectively. By staying ahead of industry trends and leveraging cutting-edge solutions, we empower our clients to maintain robust, compliant, and forward-thinking workers’ compensation programs. Together, we share your vision for a safer and more prosperous tomorrow.

Read More
Commercial Auto

How to Optimize Commercial Lines Insurance for Your Business in 2025

The landscape of small-to-medium commercial insurance has experienced steady growth in recent years. With global property and casualty premiums growing at an annual rate of 6-8% since 2018, the commercial lines sector has emerged as a critical area of opportunity. Factors driving this expansion include hardening market conditions, insurer exits from states like Florida and California, and a rising need for tailored coverage solutions to address unique risks. At Skyscraper Insurance, we recognize the importance of adapting to these market dynamics and providing our clients with tools and strategies to thrive. Here’s how businesses can make commercial lines insurance work smarter for their needs. The Power of Diversification Expanding into commercial lines is a proven way to increase profitability while mitigating risks. By offering cross-sector solutions — from specialized liability to industry-focused coverage — businesses can grow their client base while addressing underserved needs. Skyscraper Insurance makes this transition seamless, providing expert guidance and comprehensive options to diversify your portfolio effectively. Streamlining Quoting Processes Traditional quoting methods can be labor-intensive and error-prone, deterring many agencies from fully exploring the potential of commercial lines. With advanced technology, Skyscraper Insurance simplifies this process. Our integrated tools allow businesses to enter data once and receive competitive quotes from multiple carriers in minutes, ensuring clients receive the best possible options while saving time and reducing administrative burdens. Reducing Errors Through Automation Human errors in data entry can disrupt workflows and introduce risks. By leveraging cutting-edge automation solutions, Skyscraper Insurance ensures data accuracy across platforms. Our systems seamlessly integrate with agency management tools, minimizing redundancies and enabling faster policy renewals and claims processing. Embracing a Connected Future Commercial lines insurance offers vast opportunities, but success hinges on embracing digital transformation. Skyscraper Insurance provides the tools needed to connect management systems, automate renewals, and streamline carrier relationships. By adopting our “one-to-many” quoting model, businesses can optimize efficiency, improve client satisfaction, and drive profitability. Partnering with Skyscraper Insurance In a competitive and evolving market, having a trusted partner makes all the difference. At Skyscraper Insurance, we empower our clients with tailored solutions, innovative technology, and industry expertise. Whether you’re expanding your book of business or exploring new opportunities in commercial lines, we’re here to help you navigate the complexities of 2025 and beyond.

Read More
Try your instant quote