What would a small community do if its school district’s network was attacked by ransomware? What about if a municipally managed wastewater treatment plant in a rural county was shut down by a digital onslaught initiated by organized cybercriminals operating a continent away?
With cyberthreats increasingly targeting municipal frameworks, these are the types of questions that constituents should be asking—and ones that local administrators should be prepared to answer.
“You’re talking about tens of millions of dollars being raised from these crimes. It’s become a big business,” said Bert Kashyap, CEO of the cybersecurity firm SecureW2, which advises local governments on cybersecurity.
Two decades ago when Kashyap entered the industry, hackers “were playing around with malware, it was less of an organized crime type of thing. Now, it’s definitely gotten to the point where there are nation states protecting these folks, and cyber gangs are basically forming syndicates,” Kashyap said.
Last year, for example, American government organizations were targeted by nearly 80 ransomware attacks, potentially impacting 71 million people, according to a from the consumer tech information site Comparitech.
Recently, the Allen Independent School District in Texas was targeted with ransomware. The district refused to pay, according to reports, and parents of children in the school system have since received threatening emails warning their student’s private information will be released if the district doesn’t change course. And on Thursday, the cybersecurity firm Mandiant issued a report detailing how “an aggressive, financially motivated threat actor” that goes by FIN12 is specifically targeting “critical care functions. Almost 20 percent of directly observed FIN12 victims were in the health care industry.”
Faced with this rapidly emerging threat, Kashyap says most of the administrators he’s talked to and advised say they’re not prepared.
“Everyone from school district (managers) to other local officials tell us they’re concerned,” he said. “Especially with the ransomware threats, when you have a situation (that)…