Cyber thieves target local, county governments to launch bigger attacks
Lindsay M. McCoy
When Webster Township in Washtenaw County was attacked by ransomware, officials had to create a new website, new emails and new anti-virus and ransomware software to resolve the problem.
It was one of 77 ransomware attacks in the United States last year that were confirmed by the cybersecurity company, Emsisoft.
To lessen such attacks, the federal government has included a new $1 billion cybersecurity grant program in the bipartisan infrastructure law passed last year. It allocates the bulk of the funding that states receive for their local governments, with 25% of the money earmarked for rural governments.
Sgt. Matt McLalin, who investigates cyberattacks in the State Police’s cyber command center, said local and county governments make up a lot of the center’s victims.
“Every single week we are getting multiple reports of local governments who have been affected,” McLalin said.
Brett Callow, a threat analyst from Emsisoft, said the discrepancy in data stems from not all attacks being reported to his New Zealand-based company or being labeled as “cyberattacks” rather than ransomware.
“Tracking incidents is far more challenging than it should be,” Callow said.
The most common type of attacks on rural governments are ransomware attacks and phishing emails, said Michigan Tech University professor Yu Cai, a cybersecurity expert.
“The ransomware is getting explosive in the past 10 years, so we see a lot of cyberattacks based off ransomware,” he said.
When ransomware infiltrates a computer system, those impacted can’t access their information systems until they pay ransom to the hackers, usually in the form of bitcoin, according to Cai.
Rural governments often become targets of such attacks because of their lack of expertise or resources to defend themselves, he said.
“Small towns, rural areas, they can’t even afford an IT person, let alone a security person, so they are an easy target,” Cai said.
A less obvious reason why rural and other small governments are often targeted is because they can be used as gateways to larger attacks, he said.
“A lot of small towns think, ‘Well, we don’t have a lot of valuable information in our computer…