Cities, municipalities and government bodies alike have all been targets of cyber attacks, usually in the form of ransomware that gets in via poor employee cyber practice. According to Security Boulevard, in the past year, Ontario’s Municipal Offices and the Town of Wasaga Beach in Ontario were attacked, leaving their servers useless. A hit closer to home was the big breach in Atlanta that ended with the city opting to spend funds on incident response instead of paying the ransom. In the end, a breach in the system can end up costing the entity thousands, if not millions, of dollars, which leaves other government agencies with the question: how do we avoid similar attacks?
Methods of Attack
According to Information Security Buzz, one of the most popular forms of breaches in government cities, like most other companies, is phishing. This is when an email is sent alleging to be a reputable company trying to get an employee to click on a link and reveal information such as credit card numbers or passwords. The reason these schemes are so popular is because they are easy and very successful. Considering factors like employees checking their emails at all times from different devices, multitasking employees who have a lot on their plates and limited money spent on IT, government municipalities are an easy and lucrative target.
The Cost vs. the Risk
Back to the attacks mentioned before, according to Security Boulevard, Ontario’s Municipal Offices paid an undisclosed amount to the hackers for ransom, while the Town of Wasaga Beach paid an estimated $250,000 total. Atlanta’s mayor estimated that her city ended up paying $20 million total, according to Information Security Buzz. These large numbers make the idea of investing in an IT strategy more attractive to government agencies, especially with the increasing skill of hackers who can steal information and demand increasing amounts of money. Cities like Houston, Fort Worth and others have already jumped on the train by purchasing millions in cybersecurity in hopes of fending off an attack. It is only a matter of time before those without it see the need, whether that is before an attack, or after.
To learn more about cybersecurity for municipalities, check out MDL Technology’s website.