How to Prevent Cybersecurity Attacks on State and Local Governments

Illustration of government building

As a citizen, have you ever considered what institutions (other than credit card companies, financial institutions, or perhaps the IRS) are responsible for safeguarding your personal information? When you read about cyberattacks on election systems, do you think your personal information is inconsequential? Or that these attacks are simply an issue for the candidates? Well, think again.  

Cyberattacks are infiltrating communities, including education, law enforcement, and healthcare. Through social engineering (getting you to click on an ad, email, or link sent to your mobile phone), a single click has the potential to expose an entire database of sensitive information to bad actors. Think about it, your kids are enrolled in school with social security numbers and personal information. If your children are enrolled at a private institution, then there is the addition of your financial information.  I recently moved to a different state. That move required that I apply for a new driver’s license. As part of their confirmation process, the Department of Highway Safety (DHS) scanned my previous year W2, my passport, a copy of my auto insurance, and my vehicle registration. Not to sound paranoid, but that means my social security number, my income, and my address is now in a file located at the local DHS. Now, to be fair, most people trust their state and local government entities. Unless a person has been the victim of an attack or been subject to identity theft, there is little concern when providing these incredibly personal documents. That said, municipalities are responsible for safeguarding sensitive information and confidential files – making them extremely vulnerable to bad actors. Not too long ago this was highlighted at a small beach town in Florida. An uneducated click led to a cyberattack that cost roughly $600,000.00 (4[CC1] ). The information stolen was used for a ransomware attack against the city, which then paid the ransom to avoid the very public embarrassment and potential lawsuits that would have resulted in the loss of sensitive citizen information. 

If that doesn’t make you pause for concern, consider this, since 2016, attacks on hospitals in the state of Texas have impacted 483,000 patients. Some of these attacks have caused nearly $20 million in total damages.  

State and Local Government Challenge

“State and local governments are responsible for safeguarding everything from elections systems to an increasing amount of sensitive personal data”

  • Senator Gary Peters of Michigan (D).

The ability for end users (employees) to identify and report phishing emails is critical to act as a last line of defense and to prevent future attempts. In a single year, between 2018 and 2019, known attacks on local governments rose 58.5%. Such attacks are a huge burden on state and local Government requiring not just education but automation. (5) Sadly, data shows that 48% of elected councilors and/or commissioners are either slightly aware or do not know the extent of the need for their own cybersecurity. (5)  Compounding lack of awareness is the constant challenge of financial allocation to address cybersecurity. According to a study conducted by the National Association of State Information Officers (NASCIO) approximately 50% of states do not have a committed cybersecurity line-item budget.  Perhaps more disconcerting is the fact that 37% of states have seen a reduction in funding or no change at all. The alarming result is even less is being spent on cybersecurity. (6)

The COVID-19 pandemic has created more stress on state and local government by forcing work-from-home and opening the risk to a catastrophic cyber event. One large agency CIO shared, 

“..All those unprotected iPhones, iPads, home computers are like detonator connections that can explode into our data center!”    

Before we consider how to mitigate the risk, let’s take a look at the potential economic threats to state and local governments, through some alarming statistics: 

  • The average cybersecurity breach costs states between $665,000 to $40.53 million, with a median cost varying $60,000 to as high as $1.87 million. (1)
  • The average ransom amount demanded by cybercriminals from 2013-202 was $835,758.33. (2)
  • 53.2% of attacks in state government are targeted towards cities and local schools across the nation. (3)

A Tale of Two Departments 

About two years ago I received an urgent call from the CIO of a County Board of Commissioners, letting me know that there was an active phishing attack targeting the county. Specifically, the phishing attack targeted employees of the County Clerk of Courts, the county commissioners, city employees, and the judges, directly.  Thankfully, those judges were being protected by the County Clerk of Courts IT department, who had previously implemented cyber defenses that had successfully blocked the attack.   

Meanwhile, downstairs, the County Board of Commissioners IT department were busy identifying the same attack, which while blocked, had planted malware on their servers.

How then, the County Board of Commissioners IT departments asked, was the County Clerk of Courts IT department able to block the SAME attack, prior to malware installation? The answer was simple. The County Clerk of Courts had purchased and deployed a Threater Threat Intelligence Firewall platform, in front of their existing NGFW. (7) 

When we compare the cost of proactively implementing the Threater Threat Intelligence Firewall platform vs. the immeasurable cost of a phishing attack that exposes the private information of tens of thousands of innocent citizens, the choice is obvious.  

At the end of the day, cyber attacks against state and local governments remain an attractive target for cyber criminals. Personal data, financial information, state identification and credit card information, ripe for identity theft. Protecting that information starts with the local entities themselves.

In today’s crazy environment, when state and local government buildings open and closed from one day to the next, employees are incredibly mobile, ensuring that the employees, systems, and confidential data stored on those systems, is even more important. However it doesn’t have to be hard. 

To learn more about how the Threater Threat Intelligence Firewall platform can help, visit

To learn more about how the Threater Threat Intelligence Firewall platform solves the threat intelligence challenges facing Next Generation Firewalls, download our recent whitepaper: 

The Threat Intelligence Challenges with Next Generation Firewalls 

Now…for some really boring cited resources. We do our homework here at Threater. 

  1.  The Council of Economic Adviser. (2018, Feb).  The Cost of Malicious Cyber Activity to the U.S. Economy.  White House.
  2.  Free, Benjamin.  (2019, Oct). Ransomware Attacks Map Chronicles a Growing Threat. State Scoop.
  3.  The Council of Economic Advisers. (2018, Feb).  The Cost of Malicious Cyber Activity to the U.S. Economy. White House.
  4.  Massei, P. (June 2019). Hit by Ransomware Attack, Florida City Agrees to Pay Hackers $600,000.  New York Times.
  5.  Donald Norris, A.J. (2018). Local Government’s Cybersecurity Crisis in 8 Charts.  Baltimore:  The Conversation.
  6.  Deloitte Insights.  (2018) Deloitte-NASCIO Cybersecurity Study States at Risk: Bold Plays for Change.
  7.  Leon County Clerk of the Circuit Court and Comptroller.  Public Records Request 119. Inspired Technologies: Leon County Clerk of Court Information Technology Assessment 2019.