Cities and counties can take key steps to avoid costly ransomware attacks

It costs real money when the public sector gets hit with a ransomware assault. The average (mean) cost for state and local government organizations to recover from a ransomware attack was $2.83 million in 2024, more than double the $1.21 million reported in 2023. This is a sample of the data in the “State of Ransomware in State and Local Government 2024 report.” The publication outlines results of a survey of 5,000 global IT/cybersecurity leaders, including 270 from state and local government.

Yes, local governments are increasingly vulnerable to ransomware attacks, says Jay Kaine, director of Threat Intelligence at Motorola Solutions and director of the Public Safety Threat Alliance (PSTA). He spotlights the following causes and vulnerabilities that have recently popped up: connected devices and remote work have created new entry points for malicious actors, and budget constraints are often constricting governments from acquiring security infrastructure or access to cybersecurity expertise.

Kaine points to two potential danger spots for public sector IT departments: external access points like email systems where employees can fall for a phishing scam, and exposed cloud application logon points that haven’t been properly secured or patched.

Kaine says these spots “are most vulnerable and accessible to threat actors looking for ways in.”

In the public sector, cyber-hackers are operating at record levels of frequency and impact, according to research from the PSTA. The group estimates that hackers are shutting down an average of at least one government agency globally each day.

Kaine explains: “Already this year, 108 municipalities have fallen victim to a cyber-attack with 60 percent of those breaches leaving IT systems encrypted for multiple days or weeks, according to PSTA data. Of all local government entities, cyber-attacks impact municipalities the most, with municipalities comprising 51 percent of attacks this year.”

The PTSA is a cyber-threat information sharing and analysis organization (ISAO). Motorola Solutions established the group in 2022.

According to Kaine, the PSTA is a collaboration and information hub for public safety entities including federal authorities, municipalities, police departments, fire departments, EMS units, 911 dispatch centers, prisons and utilities. “The PSTA can help city and county agencies be more resilient. Through PSTA, member organizations can learn about specific cyber-threats targeting local governments.”

Kaine adds that PSTA member organizations gain access to intelligence, analysis, automatic threat feeds and adversary playbooks—all free of charge. “Through these offerings, PSTA member organizations can strengthen their defenses.”

Can artificial intelligence (AI) help local governments fight off cyber-threats? “AI can bolster a city or county’s cybersecurity posture by helping IT staff analyze vast amounts of data in real time and detect anomalies. It can automate repetitive tasks such as vulnerability assessments and alert triage so that cybersecurity teams can focus on the most pressing and complex issues,” Kaine tells Co-op Solutions.

Kaine cautions: “While AI can be a powerful prevention and remediation tool for cybersecurity, it can also be used by threat actors.” One example he offers is the ability of unscrupulous hackers to craft highly sophisticated phishing emails with the aid of AI. “Municipal defenders must understand how threat actors can use AI and strengthen their defenses accordingly.”

Motorola Solutions serves several public-sector industries, including:

• Corrections
  • Education
  • Fire and EMS
  • Health care
  • U.S. Federal and Military
  • Law enforcement
  • Parking and mobility
  • Transportation and logistics
  • Utilities

OMNIA Partners, who sponsors this page, offers a robust portfolio of cooperative contracts in the public procurement space. The firm lists a number of cooperative contracts under the keyword “cybersecurity.”

Michael Keating is senior editor for American City & County. Contact him at [email protected].