Hackers are going to town on municipalities in California and across the country.
Municipalities are popular targets for cybercriminals because most have a variety of services on their websites that requires city residents to share credit card information, addresses and other personally identifying information. Even with the prime data cities store, they often don’t have adequate security solutions in place to prevent ransomware attacks.
What Can Happen When a City is Attacked
When a city’s IT network is compromised, it creates potentially life-threatening chaos for city residents and employees.
An attack can knock out 911 and first responder services, leaving citizens in crisis while cities frantically work to recover. With downtimes often spanning more than a week, citizens are prevented from paying utility bills, applying for building permits and requesting necessary city services.
For example, earlier this year, Lodi city employees received ransomware emails with attachments that looked like invoices. The ransomware disabled the city’s phone lines, including the police department’s emergency and non-emergency lines and the public works emergency line. It also affected financial data systems like the city’s payment system. While the city opted not to pay the demanded $400,000, they did have to rebuild their systems from backups.
Why Cities are Being Attacked
As public-sector organizations, city governments, counties and police departments often lack the resources or ability to prevent ransomware attacks. Because they are governed by elected officials with public funds, the process to implement proper security solutions can often be bureaucratic and slow.
Economically, a ransomware attack on cities creates havoc. Cities have an abundance of data spread across multiple departments, including municipal hospitals, utility divisions and licensing and code departments. Health information, personal information about elected officials, sensitive HR information, personnel records for police offers and business plans are all open to exposure during an attack.
4 Questions Cities Need to Answer to Prepare for and Prevent Ransomware Attacks
Protecting municipalities and securing their data requires specific expertise when working with public entities. City needs vary based on size and complexity, so it’s essential to have an IT partner who is familiar with how municipalities operate and has the proper law enforcement certifications and experience to serve them well and keep them legally compliant.
1. Does my IT provider have law enforcement training?
Cities with police departments need an IT provider who can work on 911 dispatch software. This requires Criminal Justice Information Services (CJIS) and California Law Enforcement Technical Systems (CLET) training, experience and certification before you can log into municipal emergency responder systems. IT knowledge on how to segment police department systems from other city networks is required. In-depth understanding of each city’s functions, priorities and legal requirements is key to successfully protecting and supporting its technology infrastructure.
2. Will the provider be able to find solutions within my budget?
Additional consideration must be given to IT planning, purchasing and budgets, since city budget initiation is done far in advance and often with limited funds. One California city we work with has to decide between replacing Microsoft servers that are going end-of-life or installing additional security layers. Not an easy choice; city IT management requires guidance from a trusted IT partner.
3. What is my IT provider’s experience working with cities and are their techs background checked?
There are nuances to working with a city, and without prior experience, the IT provider may be unaware. You don’t want to spend time wondering if your provider knows city hall activity needs to be segmented from the police department. You want to have confidence your provider has the IT expertise and background knowledge required. Your provider needs to be more than a consultant; they need to be a partner, like the role we fill for the City of Arvin.
4. What does my cybersecurity insurance cover?
Many organizations believe if they purchase cybersecurity insurance, they will be protected if they are breached. This is not the case when it comes to many cyberattacks, such as phishing, because phishing is considered an attack on the employee receiving the email, not the organization itself.
Read the policy fine print. Make sure you are meeting the criteria set forth by your insurance carrier, and then put together an incident response plan to ensure your municipality comes back online as soon as possible after an attack or natural disaster.
DiamondIT Can Secure Your City
DiamondIT has the certifications and depth of knowledge to partner with California municipalities. Our business savvy and municipality experience lends itself to navigating bureaucratic red tape to help you plan and budget for a secure IT infrastructure to protect your city and its residents. Reach out to us online or by phoning (877) 716- 8324 to talk about protecting your city from ransomware attacks. Your neighbors will be glad you did.