Cyber thieves target local, county governments to launch bigger attacks

Lindsay M. McCoy

When Webster Township in Washtenaw County was attacked by ransomware, officials had to create a new website, new emails and new anti-virus and ransomware software to resolve the problem.

It was one of 77 ransomware attacks in the United States last year that were confirmed by the cybersecurity company, Emsisoft.

To lessen such attacks, the federal government has included a new $1 billion cybersecurity grant program in the bipartisan infrastructure law passed last year. It allocates the bulk of the funding that states receive for their local governments, with 25% of the money earmarked for rural governments.

There were 77 ransomware attacks on local governments in the United States in 2021. In 2019, a ransomware attack affected about two dozen Texas communities.

Sgt. Matt McLalin, who investigates cyberattacks in the State Police’s cyber command center, said local and county governments make up a lot of the center’s victims.

“Every single week we are getting multiple reports of local governments who have been affected,” McLalin said.

Brett Callow, a threat analyst from Emsisoft, said the discrepancy in data stems from not all attacks being reported to his New Zealand-based company or being labeled as “cyberattacks” rather than ransomware.

“Tracking incidents is far more challenging than it should be,” Callow said.

The most common type of attacks on rural governments are ransomware attacks and phishing emails, said Michigan Tech University professor Yu Cai, a cybersecurity expert.

“The ransomware is getting explosive in the past 10 years, so we see a lot of cyberattacks based off ransomware,” he said.

When ransomware infiltrates a computer system, those impacted can’t access their information systems until they pay ransom to the hackers, usually in the form of bitcoin, according to Cai.

Source…