State and Local Governments are Under Siege from Cyberattacks – it’s Time to Act

Cyberattacks against state, local and Tribal government (SLTG) entities has grown more aggressive. Last year the cybersecurity firm BlueVoyant published a report that disclosed State and Local Governments saw a 50% increase in cyberattacks from 2017 to 2020. The report also noted that the 50% increase in attacks is likely a fraction of the true number of incidents because many go unreported. Research by Barracuda Networks indicates that 44% of global ransomware attacks in 2020 targeted municipalities.

Precise, complete records of cyberattacks on municipal systems are hard to come by because so many never make it to the public record. However, some recent examples from 2021 include:

• In May, a ransomware group published several gigabytes of data stolen from the Washington, D.C., Metropolitan Police Department, including personnel files of nearly two dozen officers.
• In February there was an intrusion into the city of Oldsmar’s water treatment system. The intruder briefly increased the amount of sodium hydroxide (i.e. lye) from 100 parts per million to 11,100.
• In June, a malicious cyber actor compromised a California water treatment plant, deleting crucial programs meant to treat drinking water.
• In April, the Three Affiliated Tribes—the Mandan, Hidatsa & Arikara Nation—announced that its server was hit by a ransomware attack that prevented them from accessing files, email and critical information.

Clearly, SLTGs have become a fresh and lucrative target of cyber threat actors. As the gatekeepers for voter records, tax information, SSNs and essential access information to the full range of critical infrastructure managed by SLTG’s, it is of little surprise that they have become a focal point of cyberattacks.

I would much rather they shore up their defenses than deal with post cyber-incident costs. A report titled “The Economic Impact of Cyber Attacks on Municipalities” from KnowB4 found that the average cybersecurity breach costs states between $665,000 to $40.53 million, with a median cost varying from $60,000 to as high as $1.87 million. Ouch! Many times that’s our tax dollars covering those costs.

What’s being done?

NASCIO has helped to promote the State and Local Cybersecurity Improvement Act, which would create a $500 million annual grant program, administered by the Cybersecurity and Infrastructure Security Agency (CISA), one of its top Federal legislative priorities. On 20 July, The US House of Representatives voted to approve this Act as part of a slate of cyber bills that passed. Hopefully, it will be approved by the Senate and signed by Biden – the states need the help.

States are also starting to pass laws that’ll move the needle. Last month Florida Gov. DeSantis signed H.B. 1297, the State CyberSecurity Act, and it went into effect on 1 July. H.B. 1297 identifies 14 cybersecurity-related areas in an effort to battle cyber threat actors. The bill is perhaps the first bill to specifically establish a security operations center (SOC) at a US state level and may be the leading edge of a state trend. Many other states of cybersecurity-related legislation in motion – check out what your state is doing in this list of 2021 Cybersecurity Legislation.

As state and local governments look to accelerate migration to the cloud to improve citizen services delivery, security is a driving force. StateRAMP, which opened membership just this spring, is expected to become an essential bridge for secure modernization. StateRAMP — which is taking best practices from its cousin the Federal Risk and Authorization Management Program (FedRAMP) — aims to standardize state and local governments’ approaches to security and risk assessment across cloud technologies at a time when they need all the support they can get. However, the road to StateRAMP compliance is still under construction.

SLTGs are hurting and are starting to react. The CyberRes team can also help. We have a broad range of solutions to support SLTGs on cybersecurity issues. Learn more by visiting CyberRes.com.