America’s counties employ 3.6 million employees who serve some 308 million county residents. Counties play a significant role in every aspect of our lives — including hospitals and clinics, roads, bridges, airports and other infrastructure, public safety and courts — and are largely responsible for local and federal elections administration. Counties provide vital services to all Americans, from issuing birth certificates and marriage licenses, to operating 911 call centers. While balancing numerous administrative responsibilities, counties deliver essential services to ensure healthy, vibrant and safe communities across the United States.
Given this vast scope of responsibilities, county governments have become increasingly attractive to cybercriminals who view counties as vulnerable targets.
The National Association of Counties and the Public Technology Institute recently completed a survey on information technology (IT) professionals’ top concerns. It was no surprise that cybersecurity ranked No. 1. Indeed, cybersecurity has been ranked as the top concern over the past five years.
Cybersecurity breaches have grown some 26 percent over last year with ransomware, in particular, continuing to rise.
Imagine waking up to find that all your government files and applications are frozen. You receive a message requesting $23,000 in Bitcoins (basically dollars converted to untraceable cryptocurrency) as the price to regain control of critical files and operations. This is exactly what happened to Mecklenburg County, North Carolina, in early December 2017.
Until recently, ransomware has become highly profitable for the “bad guys.” Ransomware demands are often paid because of the relatively small amount asked coupled with what it might cost to completely reconstruct a system — let alone the perceived comfort of immediate relief.
In the case of Mecklenburg County, they spent many hours agonizing over the pros and cons of “giving in.” It would have been far cheaper to pay the bad guys off, but what if they reneged, or asked for more, or attacked again?
In the end, Mecklenburg County took the advice of most major security experts; they decided not to pay and, instead, went through a labor-intensive and time-consuming exercise in rebuilding their systems from previous backups. It was more than money that was at stake.
As long as ransomware demands are met, more such attacks will continue. But according to cyber experts, if more counties followed the latest best practices, much can be done toward prevention.
County IT professionals are fighting back and adapting to an ever-challenging environment. Just a few years ago, the focus was on purchasing better firewalls as the main defense. Today, IT professionals are moving away from relying on perimeter-based protection systems and toward active monitoring systems that constantly scan for intrusions and system anomalies throughout the enterprise. Savvy IT managers know to have to-the-minute accurate backups, as well as system mirror-image application systems that allow restoration of a system to its pre-infected state. Another major development has been the introduction of software that reviews incoming messages and automatically isolates suspicious files before causing damage.
Today, county leaders realize that cybersecurity defense is an all-hands endeavor. All county employees should undergo continuous cybersecurity awareness training to keep up with the latest threats. IT professionals should undergo continuous training to keep apace with the latest technologies and mitigation strategies. IT professionals should take the lead in establishing and enforcing new policies regarding mobile device usage and storage in county government.
Finally, regardless of all the new technologies, the human element holds major opportunities for counties in cybersecurity awareness as well as leadership training. Counties must be willing to share their experiences with others so that when something bad happens, others can learn and adjust. Here, Mecklenburg County is but one good example.
• Dr. Alan R. Shark writes for the National Association of Counties (NACo) serving as a senior advisor for technology leadership. Dr. Shark also serves as Executive Director and CEO for the Public Technology Institute, and is an associate professor at the Schar School of Policy & Government, George Mason University.
Please read our comment policy before commenting.