Government agencies have a lot to protect. Whether it’s the sensitive information the public trusts them with, or the essential services provided, there’s a lot at stake when it comes to safeguarding against cyber threats.
These critical responsibilities also make government agencies particularly enticing to malicious actors, requiring robust measures leveraging the best of current technologies to protect against them.
According to recent data, cyberattacks on state and local governments have continued to rise. The Center for Internet Security’s latest publicly available data shows that malware attacks against state and local agencies increased by 148%, while ransomware incidents rose by 51% during the first eight months of 2023 compared to the same period in 2022. Additionally, endpoint security services incidents, such as data breaches, unauthorized access, and insider threats, surged by 313%.
Why Local Governments are Targeted
Government agencies have become prime targets for cyber-attackers. Let’s explore the potential reasons behind this concerning trend.
Personal Information
While many businesses and organizations have distanced themselves from using government issued ID numbers to identify their clients and customers, IDs like the Social Security Number are still required elements of the data a government agency needs to retain for their constituents. In fact, many of the data points retained for individual citizens are the very same pieces of protected information that public policy aims to keep safe. As of 2004, a driver’s license no longer has your SSN on the ID itself – but in most states, you still need a SSN to get one.
This personally identifiable information is a frequent goal of cyberattacks, seeking to use this information in varying types of identity theft or to aid in other illegal activities. Someone who calls a citizen with personal information about them at the ready may be more likely to gain their confidence and further their fraudulent aims.
Outdated Solutions
For many state and local government agencies, resources are a challenge, and potentially expensive propositions like increased cybersecurity are often assigned a low priority.
A 2023 survey by the Center for Internet Security found that 30% of local governments were either not performing cybersecurity activities or using informal, ad-hoc processes due to lack of funding. The same survey revealed that 80% of local government participants reported having fewer than five dedicated security employees, highlighting resource constraints.
Tight budgets also mean these agencies are relying on older, more vulnerable technologies that could be more easily exploited. So not only are there constraints on how many resources are employed to help combat cyberattacks, but those in place are working with systems that are easier to crack.
The Rise of Smart Cities
Increasingly, state and local governments are leveraging expanding technology to both improve the services they provide and amass the data they need to make informed policies.
This often involves integrated online services, which have the benefit of allowing many disparate devices and systems to communicate with each other. It also allows for more accessibility for the citizens benefitting from these services.
The drawback, of course, is now there are more potential points for intrusion, so if these integration links are not managed securely, they could represent just the opening a cyber-attacker is looking for to gain entry to a municipal system.
Critical Infrastructure
While the aim of most cyberattacks remains financial, with ransomware garnering the lion’s share of media attention, there are malicious actors whose intent is disruption rather than monetary gain. For them, the organizations that manage crucial systems like emergency response and utilities offer very tempting targets.
Hacking these systems could potentially impact many people at once with critical consequences, so for those looking to create havoc, targeting an agency with limited ability to combat a concerted attack could be an appealing proposition.
How to Shore Up Cyber-defenses
Budgetary constraints will most likely continue to be a limiting factor for agencies that don’t have access to the resources a privately funded company would, and, even with additional funding available from the Department of Homeland Security and others. A working solution for an organization not in a position to just throw vast amounts of money at a problem would be to consider several key defensive strategies. Listed below are some of the more impactful ones, that can be implemented.
Training, Training, Training
According to the federal government, upwards of 90 percent of successful cyberattacks start with a phishing e-mail. While the popular image of a hacker as a well-equipped technology guru who brute forces their way into a system still endures, in reality, most breaches start with a seemingly innocent email opened by an employee. Training on how to handle phishing, manage passwords, and employ Multi Factor Authentication are not short in supply, but they have to be reinforced and re-emphasized on a continuous basis to be effective. Social engineering attacks continue to evolve, now including official-looking emails replete with logos and bogus contact information, so ongoing training is absolutely necessary to keep employees informed on what poses a risk.
Change in Culture
Technology can no longer be viewed as something extra that either makes things a little easier or, sometimes, makes things more difficult. It has become an indispensable part of doing business, even if that business doesn’t involve turning a profit. Training government employees on internet safety won’t turn the tide if they don’t see it as a crucial part of government operations. From the elected officials on down, there has to be buy-in. Agency policy has to reflect the significance of safe technology practices, and this should be supported at all levels.
Learn More
Private Networks
While there are many potential technology solutions to cybersecurity vulnerabilities, some form of private network configuration factors heavily into most of them. Limiting access to protected information and critical services is key in the defense against cyberattacks, and utilizing private networks is an effective means to that end, one we will explore more below.
Why Private Networks Work
Isolating Data
Not all the data retained by a government agency needs to be internet-facing. Implementing a private network so key staff can access this information readily while isolating it from the public sphere is paramount. This insulated data can be further encrypted so that even if a threat actor were to access the network, another level of security would have to be breached to access sensitive information.
Role Based Access
Employing a private network also allows for more granular control over who has access to what. By setting up levels of permission in the network and assigning permissions to specific roles that are then assigned to users, security staff can more readily employ the principle of least privilege, where each user only has access to what they need to do their jobs.
Authentication Measures
These private networks also allow for a variety of robust authentication measures, such as the increasingly popular Multi-Factor Authentication, to make sure that gaining access to a password isn’t enough to breach critical systems. These measures can be scaled up or down to match the sensitivity or importance of the systems being accessed.
VPNs for Remote Access
Connecting from the home or from the field is one of the many benefits of advancements in connectivity technology, but it also represents a risk. Utilizing a Virtual Private Network for these interactions is a proven way to still enjoy the flexibility of remote access while enforcing increased protection from malicious intrusion.
Monitoring and Logging
Private networks can employ a variety of tools and methods to keep an eye on network activity, helping cyber-security staff to remain vigilant and identify breach attempts before they become actual intrusions. Since private networks should have more limited access and a finite list of users, IT staff can more quickly find potential issues using the monitoring and logging tools inherent to most networks.
In Conclusion
Our local government agencies provide invaluable services that most of us could not imagine being without. As stewards of these services, we entrust them with our personal information and assurances they will be there when we need them. These responsibilities also make them auspicious targets for threat actors looking to profit or disrupt, and the success of cyberattacks can erode that aforementioned trust. Consideration of employing a private network, along with implementing clearly defined best practices and continuous education are critical steps for shoring up that trust and making sure that when the people need it, their government can provide.
- Driving Innovation in State and Local Government: The Essential Role of High-Speed Connectivity - April 9, 2025
- Enhancing the Digital Customer Experience: The Role of IT in Driving Customer Engagement - April 2, 2025
- Private Networks – A Key Cybersecurity Safeguard for State and Local Government Agencies - March 20, 2025
