Cities are getting hit with ransomware (but you can protect yourself)

Thu, 2017-07-27 11:40 -- SCC Partner

When you think of ransomware, you may think of news stories about how people’s personal photos have been scrambled by viruses and can only be recovered by paying a large fee. But as you’ll read below, cities are being hit with these costly viruses too. And even if you haven’t been hit yet, if you’re like the vast majority of cities, you probably aren’t prepared for an attack.

You do need to take action. Newark, New Jersey, has been hit twice — once affecting its ability to dispatch police officers. The good news is that whether your budget is big or small, there are steps you can take. Here are some ideas to protect yourself from cities that are taking action. — Kevin Ebi

By Nick Schiffler, Onvia

Ransomware attacks have made headlines in recent months. Although the highest-profile attacks have been made on multinational corporations or larger federal departments, cities are not immune as a target of cybercrime.

The City of Newark, for example, was reportedly hit in a ransomware attack in April that compromised the city’s network and disrupted services. Just the year before, a cyberattack on the Newark Police Department impacted critical systems used to analyze crime data and dispatch police officers. “The massive amount of valuable data housed by… local agencies is an attractive target for cybercriminals seeking financial gain,” said Paul Lipman, CEO of BullGuard.

Newark is far from the only city feeling the effects of this new wave of cybercrime. A 2015 Ponemon Institute survey of government IT staff found that only 19% of state and local government agencies received high ratings for their abilities to prevent cyberattacks.

However, this trend may be beginning to turn as cities take cybersecurity more seriously. A study from Onvia found that the volume of state and local cybersecurity bidding opportunities nearly doubled from July ’15 to June ’16 over the previous 12-month period. Typical bidding opportunities cities are looking for in greater numbers include network security services, software and data security and support, risk assessment audits and employee training services in security and/or privacy.

Across the Hudson River from Newark, the City of New York is making a big investment in its cybersecurity. The city just gave a $600K contract award to the New York State Technology Enterprise Corporation for information security consulting. But not all cities have New York’s cybersecurity budget. In fact, Lipman says that the typical state or local government agency spends less than 5% of its IT budget on cybersecurity.

Smaller cities and towns can take steps to ensure data safety by following the example of the City of Branson in Missouri. Branson partnered with Security Mentor, Inc., a company providing online security awareness training, and awarded them a $3K contract to provide cybersecurity training for all city employees. This small investment will help the city inform its employees on what to do in the case of a ransomware attack – all while barely making an impact on Branson’s bottom line.

Nick Schiffler is a business-to-government (B2G) market analyst and content marketer for Onvia, the leader in sales intelligence and acceleration for B2G. Follow Onvia on Twitter and LinkedIn to stay up to date with the latest government market insights.