Cyber Attacks on Municipalities

What attracts cyber criminals to municipalities and how they can be prevented.

By Veronika (Nikki) Jack, Student Majoring in Information Technology-Cybersecurity, George Mason University

Cyber-attacks on municipalities have been increasing at an alarming rate, this is a cause for concern. The reason that municipalities are such an appealing target to hackers is that they store valuable information and records of many citizens. As local and national governments are changing their method of keeping records from paper to digital and as technology advances, it makes hackers extremely interested in breaking into the systems to extract the data. Municipalities are easier targets compared to private companies because it is known to hackers that their systems can be outdated, making them easier prey to catch.

Our reliance on technology is growing, and more information is being stored on digital platforms. Technology has many benefits and does help speed up every day processes, however, when the proper security measures are not in place they can be hacked.

The breach of a municipality’s data can be devastating. When digitally stored data and the IT (Information Technology) infrastructure are compromised, it can cause significant disturbances and disruptions to normal city functions. For example, a breach in a municipality can impact the city’s utilities, emergency services, and local law enforcement, and the community will be affected in a negative way. Attacks on cities threaten the integrity of confidential data. People’s information and records are stored digitally, the release of this data includes individuals’ personally identifiable information (PII). Data including important documents, records, and information about a person can be leaked to the public or lost.

It is known that local government data are using old and dated technology that is not updated and is running on outdated software versions that could be vulnerable to attacks. When technology is not updated this leads to increased exposure to risks because patches and other security fixes are included in the latest update.

When a system is compromised even by paying the ransom you are not guaranteed that you will get access to all the data, and it can be permanently deleted. Hackers can find exploits online that run specific code or commands to compromise a system. When a zero-day attack occurs, it is especially important that affected systems are isolated from the network so that they are not further affected or contaminate any other devices.

One of the most recent attacks was a breach at a healthcare administrator which targeted employees and staff of the House of Representatives in March of 2023. Information of over a hundred lawmakers was released. When there are breaches like this substantial amounts of personal information could potentially be released and could get into the hands of the wrong people.

One effective way of understanding how cyber-attacks work can be found in the speech delivered last year at the Fairfax County Public School Boards Annual Conference by Adib Sarkar, founder, and CEO of CYB3R8. He stated that “Everything’s interconnected these days, from our smartphones to the cloud systems we use. And guess what? Each connection is a potential weak spot for hackers to exploit. It is like playing a game of “Find the Vulnerability,” and all it takes is one tiny crack to bring the whole system crashing down.”-Adib Sarkar

Devices need to be secured because any small vulnerability can compromise the entire system. There are many ways that hackers can try to get into systems. They can try getting in through vulnerabilities in code or try brute forcing (putting thousands of password combinations until they crack the password) their way into a system, but an easier way is to trick employees using social engineering, which means tricking people into giving out information. For example, some hackers will send out emails disguising themselves as someone else just to get information about a system that they can later get into.

To solve this problem, local governments must make sure their staff are trained to know how to spot and avoid being tricked by something that is malicious. They should have routine password changes and the stored data should be encrypted so it is not easily accessible.

One big reason cities are such a big target for breaches is that their systems are outdated because they are underfunded or do not have enough security measures properly implemented at the scale needed. Investing more money into IT security can help to avoid being a target. Trying to recover from a disastrous incident such as a large amount of data loss can be detrimental to a city and can lower its reputation.

The reason hackers want this information is to sell people’s data on the web and to get insight into companies. A large driving factor for attacks is money, and the more information a hacker can extract, the more they make. If the data the hackers are taking is more current, it is more valuable. Information is usually sold in bulk, and quickly before it can be caught.

“These hackers might want to cause chaos, disrupt services, or steal sensitive information to use as leverage.”- Adib Sarkar

To have a secure system, it is important that the technology is updated to comply with new laws and regulations. Data on systems should be audited regularly to check for any anomalies. Old tech should be replaced, and modern technology should be updated regularly because technology constantly evolves and changes. Investing in new security systems and training will be a better way to manage their funding, rather than dealing with a breach which can be devastating.

About the Author

Veronika (Nikki) Jack, and I am a student at GMU (George Mason University) majoring in Information Technology-Cybersecurity.   I was named a winner in Cyber Defense Magazine’s Young Women in Cybersecurity scholarship program in 2022.

Nikki can be reached online at [email protected].