#United States #Cybersecurity #KnowBe4 #Tampa Bay #Ransomware

Local Governments Under Siege by Ransomware Attacks

In a concerning revelation, KnowBe4, a leading name in cybersecurity, has released a report shedding light on the dramatic rise in ransomware attacks directed at local governments across the United States. This increase comes at a time when these state, local, tribal, and territorial (SLTT) governments are grappling with severe budget constraints and an alarming shortage of cybersecurity personnel.

The report uncovers that local governments are now one of the top three sectors targeted by cybercriminals, with statistics from 2023 showing that upwards of 80% of these organizations have fewer than five dedicated employees focusing on cybersecurity. In the face of an overwhelming cyber threat landscape, these understaffed entities are left vulnerable.

Skyrocketing Cyber Incidents

Data from the recent MS-ISAC survey illustrates a staggering increase in cyber incidents, marking a 313% rise in reported security breaches over the past year alone. Complicating matters further is the federal government’s recent decision to cut $10 million in funding for the Center for Internet Security (CIS), an organization vital to the information-sharing efforts of government bodies, making it even harder for them to combat these threats effectively.

Human Error: The Most Common Vulnerability

One of the key findings of the report is that human error remains the prevalent entry point for these cyberattacks. It is estimated that between 70-90% of breaches are facilitated through social engineering tactics, indicating a pressing need for enhanced cybersecurity training and awareness among government employees.

The Solution: Security Awareness Training

In light of these findings, the report emphasizes the value of security awareness training for employees. It highlights that organizations implementing comprehensive training saw a significant drop in phishing susceptibility—from 33.1% to a remarkable 4.1% over the course of one year. This remarkable reduction underscores the effectiveness of investing in human risk management as a robust defense against cyber threats.

Financial Ramifications of Ransomware Attacks

The financial implications of ransomware attacks are grim, with the average ransom demand skyrocketing to $872,656 between 2018 and the end of 2024. Overall, the total costs incurred due to these attacks have surpassed $1.09 billion, stretching the limited resources of already-strapped local government agencies.

The Call for a Security Culture

Erich Kron, a Security Awareness Advocate at KnowBe4, expressed deep concerns regarding the cybersecurity preparedness of state and local governments. He stated, “As these organizations grapple with constrained budgets and outdated infrastructure, they remain prime targets for cybercriminals. The surge in ransomware attacks underscores the need to build a more resilient security culture.” Kron emphasized the importance of adopting a proactive approach to human risk management, which can empower these organizations to transform their vulnerabilities into strengths.

Looking Ahead: The Need for Action

As local governments face unprecedented challenges in cybersecurity, the findings of the KnowBe4 report serve as a crucial wake-up call. Investing in security awareness training and fostering a culture of cybersecurity readiness must be prioritized to protect these institutions from cyber threats. Now, more than ever, as both external threats and internal weaknesses proliferate, local governments need to leverage every tool available to safeguard their infrastructure and maintain the trust of the citizens they serve.

To access the full report titled "State and Local Cybersecurity Facing New Burdens Amid Rising Threats," visit KnowBe4's website and take a proactive step towards mitigating these dire challenges.