Connecting state and local government leaders
Ransomware attacks can cause serious headaches for governments and their residents. Can greater collaboration between jurisdictions help prevent the cybersecurity breaches?
With ransomware attacks on the rise, some state and local governments are pooling resources with the hope of improving their cybersecurity defenses.
Ransomware attacks, where hackers breach a computer network, lock up data and demand a ransom to release it, are becoming more frequent in the public and private sector. The attacks often cause costly disruptions, not to mention the potential loss of sensitive data.
For states, localities and other public institutions, ransomware can cause problems with important public services, making it a top concern for many officials.
A partnership-oriented approach to cyber-defense is described in a recent National Association of State Chief Information Officers report that recommended it as an effective way to ward off cyberattacks.
Sharing resources, intelligence and strategies among state government agencies can help build a united front against attackers, according to the NASCIO report. Vulnerabilities discovered in one agency can be patched in others long before attackers can exploit them.
NASCIO also recommends states share cybersecurity resources with local governments, so they too can be covered by the overall protection umbrella of their state.
Ransomware gangs can reap large sums from victims that pay up, with little to no risk that they will be caught, much less brought to justice.
A study by Compritech, which researches cybersecurity and online privacy issues, found that there were 79 ransomware attacks in 2020 that specifically targeted U.S. city and county governments. Those attacks collectively impacted over 71 million people.
In 2020, the average ransom demanded from government-related organizations was $571,000, with more than $1.75 million actually paid to attackers, according to the study findings.
The NASCIO report went beyond just laying out options for statewide collaboration. It also provided specific examples of where whole state approaches to cybersecurity are getting adopted.
One example is the Colorado Information Sharing Consortium network, created to facilitate the sharing of threat information between all state agencies. In Colorado, this not only includes sharing that data with local governments but also industry and other critical non-government entities in the state.
Meanwhile, Georgia in 2018 opened its Georgia Cyber Center. The center’s mission is to help the state train cybersecurity experts in the latest defensive techniques and technology. The goal is that at least some of those experts will go on to help defend state and local governments, who can also send people there to train.
The center partners with Augusta University and Augusta Technical College to offer many cybersecurity certificate programs, plus undergraduate and graduate-level classes covering the whole range of cyber sciences. It also started a partnership to provide high school girls a pathway to develop cybersecurity skills and explore tech careers.
Iowa is also circling its wagons for mutual cybersecurity defense.
The state recently leveraged the federal Homeland Security Grant Program to address gaps in its vulnerability scanning. Iowa used the funds to create a unified plan whereby all state agencies and local governments now get unified vulnerability scanning for their systems as well as an organized and managed patch management program.
Iowa is in the process of testing other cybersecurity programs and services that can be shared across state and local agencies. The state’s goal is to provide protection and cybersecurity assistance to any agency that needs it.
Ransomware is likely to remain a top threat to any public institution for the foreseeable future. NASCIO's report suggests that defending against attacks will take a whole state approach, like what is being deployed in Iowa, Georgia and Colorado.