Ransomware is a growing threat, but local governments are training staffers to be more awareRansomware is a growing threat, but local governments are training staffers to be more aware

More cities and counties are at risk of ransomware attacks in 2025, says Rakesh Thakur, managing director, Government and Public Sector, at EY, a global professional services organization. He points to the increasing sophistication of cybercriminals and the growing reliance on digital infrastructure as reasons for the increased risk. “The COVID-19 pandemic has accelerated the adoption of remote work and online services, expanding the attack surface for cyber threats. Additionally, many local governments may have limited cybersecurity resources and budgets, making them attractive targets for ransomware attackers.”

Government agencies today are more unified and integrated, Thakur explains, and that leads to greater risk. “The interconnected nature of government systems also means that a successful attack on one department can potentially impact multiple services and agencies.” The EY executive has more than 25 years of experience in cybersecurity consulting; he helps defend organizations against evolving threats. The EY Government and Public Sector consulting services leverage technology to solve complex agency issues; the firm works to modernize public sector programs and operations.

Thakur says local governments are doing the following to fight off hackers and ransomware threats:

• Cities-counties are adopting more advanced cybersecurity tactics and technologies.

• They are implementing multi-layered security frameworks that include firewalls, intrusion detection and prevention systems, as well as endpoint protection solutions.

• Many public entities are leveraging threat intelligence platforms to stay informed about emerging threats and vulnerabilities.

• Agencies conduct regular security assessments, including vulnerability scans and penetration tests, to identify and address potential weaknesses.

• The public sector emphasizes employee training programs to raise awareness about phishing attacks and other social engineering tactics commonly used by cybercriminals.

A goal of any security program, Thakur explains, is to enable the organization to achieve its mission and objectives. “IT and security leaders should focus on ensuring that the security solutions in place specifically support the activities performed by the agency and protect data.” 

He says the first step cities and counties should take to ensure IT system security is to conduct a thorough understanding and inventory of all applications, systems and data used for each business function. “This comprehensive inventory is essential for implementing appropriate security controls that protect these assets. By understanding what needs to be protected and how it is used, local governments can tailor their security measures to effectively safeguard their critical infrastructure and data.”

Thakur says local governments can enhance their cybersecurity posture by adopting a comprehensive and proactive approach to security. He suggests they implement robust access controls, such as multi-factor authentication, to protect sensitive data and systems. “Regularly updating and patching software and systems is crucial to prevent exploitation of known vulnerabilities.”

He also urges public sector IT managers to invest in advanced threat detection and response solutions to quickly identify and mitigate potential threats. “Conducting regular cybersecurity training for employees can help reduce the risk of successful phishing attacks and other social engineering tactics.”

Thakur offers this additional suggestion to preserve the cyber health of agencies: “The entity should develop and test incident response plans to ensure that it is prepared to respond effectively to ransomware attacks and other cyber incidents.”

He says local governments are most vulnerable in the following IT security areas: 

• Email systems and cloud applications are common targets due to their widespread use and potential for misconfiguration.

• Applications developed in-house are particularly vulnerable as they may not have received the appropriate funding or investment for thorough security testing.

• Untested code and misconfigured systems are critical vulnerabilities that enable hackers to increase the impact of their attacks.

Thakur says it is important that government entities establish a configuration management function that reviews and deploys secure system configurations aligned with industry best practices. “Ensuring that system backups are configured to capture all sensitive data and are scheduled appropriately is also crucial to minimize data loss in case of a disaster or compromise.”

Local governments are opening their purses to safeguard IT systems, Thakur believes. “We’ve continued to see cybersecurity remain front of mind for city and county leaders, which has translated into continued investment in cybersecurity solutions and services.” He explains that one of the primary challenges for IT and security leaders is obtaining funding for security solutions and services that require ongoing expenditures versus one-time investment. 

But security spending is growing, Thakur tells Co-op Solutions. “Despite these challenges, there is a noticeable trend of increased budget allocations for cybersecurity to address the evolving threat landscape. Funding for additional staff to support security functions remains a struggle across all government entities, but the recognition of cybersecurity as a critical priority is driving more sustained investment.”

Thakur says artificial intelligence (AI) presents both opportunities and challenges for cities and counties in their cybersecurity efforts. He explains that AI can streamline cybersecurity efforts through the automation of routine tasks and the use of advanced threat detection methods. “On the other hand, AI is being used by cybercriminals to craft increasingly realistic phishing messages and deepfake media, such as videos and voice memos, which may be more challenging for cities and counties to detect.” The EY executive concludes: “While AI can significantly bolster cybersecurity defenses, it also necessitates continuous adaptation and vigilance to counteract its malicious use.”

OMNIA Partners, who sponsors this page, offers a robust portfolio of cooperative contracts in the public procurement space. The firm lists a number of cooperative contracts under the keyword “security.”