Why city and state governments may be unprepared for ransomware attacks

Despite the rise in ransomware, a lack of prevention training and stagnant security budgets are putting local governments at risk, according to IBM Security.

Ransomware can target many types of organizations. But city and state governments can be especially hard hit. Attacks against government agencies that hold valuable assets hostage can compromise sensitive accounts, impact community resources, and even shut down critical services. Though ransomware incidents against local governments increased in 2019, many agencies are still unprepared for a potential attack, according to a report released Thursday by IBM Security.

SEE: Cybersecurity: Let's get tactical (ZDNet/TechRepublic special feature) | Download the free PDF version (TechRepublic)

Report results

For its report "Public Sector Security Research," IBM commissioned The Harris Poll to survey people who work for state or local government agencies in the US. Based on the 690 employees who responded, the survey found that 73% of them are concerned about impending ransomware threats to cities across the country. Among all respondents, half of them expect ransomware attacks in their community to rise in the next year, 60% can see their own workplace targeted by such a cyberattack, and 16% have already experienced a ramsomware attack.

Last year saw a surge in ransomware attacks against US government agencies, affecting more than 100 federal, state, and municipal governments, according to security provider Emsisoft. Despite this increase, half of the employees surveyed for IBM Security said they haven't seen any change in preparedness from their organizations, while only 38% said they've received general ransomware prevention training. Further, 52% of the respondents said that their budgets for combatting cyberattacks have remained stagnant.

Despite the lack of readiness, 66% of those surveyed said they feel their employer is prepared or at least somewhat prepared to deal with cyberthreats to their services. Some 74% also feel confident in their own ability to detect and prevent an attack.

SEE: Malware Response Checklist (TechRepublic Premium)

Election concerns

As the US prepares for the 2020 election in November, election security is a top concern among government workers. Among the respondents, 63% said they're concerned that a cyberattack could disrupt the upcoming elections, with most of them pointing to their local Board of Elections as one of the top three most vulnerable systems in their communities. Cyberattacks can target election systems and voting machines but can also be used to distract voters, weaken confidence in election systems, and impede voters from casting ballots, IBM said in the report.

Beyond government agencies, public school systems can also be a tempting target for ransomware. Public schools were the seventh most targeted industry for cybercriminals in 2019, according to IBM's X-Force Threat Intelligence Index. Among educators surveyed by The Harris Poll, 44% said they hadn't received basic cybersecurity training, while 70% said they haven't gotten adequate training specifically on how to respond to a cyberattack.

SEE: What is fileless malware and how to you protect against it? (free PDF) (TechRepublic)

Some progress has been made

Though many government agencies and employees seem unprepared for ransomware and other cyberattacks, progress apparently has been made since last year. Among the respondents, a majority said they've seen improvements in cybersecurity at their employers since 2019, while 70% said they think their employers are taking the threat of cyberattack seriously.

Solutions

Many city and state government employees want the federal government to play a greater role in combatting cyberattacks. Among the respondents, 78% said they believe the federal government should provide assistance to communities to respond to cyberattacks. Some 76% said they feel that cyberattacks require emergency support, similar to the aid used for natural disasters.

Further, IBM Security believes that U.S. cities need to beef up their preparedness through collaboration and threat sharing by creating and implementing incident response plans, and by regularly testing their preparedness via threat simulations.

Sponsored by IBM Security and conducted by The Harris Poll, the survey received responses from 690 local and state employees in the US, including those from IT and Security departments, emergency services, and public education. The online survey was conducted from Jan. 16 through Feb. 3, 2020.

Also see

Ransomware

Image: kaptnali, Getty Images/iStockphoto