Government workers throughout the state are gathering this week for the annual Texas Municipal League Conference, where cybersecurity is a major theme in light of the August ransomware attack.
Government employees received required cybersecurity training at the conference, which has been rolled out this year after the passage of a new state law, and attended panels on how to prevent cybersecurity threats in their workforce.
At the City of Bryan, workers can lose their jobs if they repeatedly violate the City’s cybersecurity policy by clicking on phishing attempts and other risky links. The City instituted the policy in September, which calls for evaluating a staff member’s employment after a fifth violation.
Bernie Acre, Bryan’s Chief Information Officer, said it’s all part of hardening the City’s defenses against the increasing risk posed by cyber threats.
“Here’s what I tell everyone at the City of Bryan: You’re either an asset or a liability,” Acre said. “You don’t want to be a liability.”
The City of Bryan last year was the victim of financial fraud, which cost the City hundreds of thousands of dollars after a City employee fell prey to a social engineering attack, when cybercriminals use personal identifying information or details they find out about an individual on social media to trick someone into clicking on something they shouldn’t or sharing sensitive information. Acre said the employee was asked to resign following the incident.
Remedial action against employees for clicking on suspicious links later found to be malicious cyber threats is one part of a broader strategy CIOs in local government are putting into effect.
Local governments in recent years have been prominent targets of ransomware attacks, as Bitcoin and other cryptocurrencies suddenly increased in value and provided an avenue for cybercriminals to demand ransomware from their victims in exchange for data they seized through hacking. When the hackers gain entry into their victims’ networks, they encrypt the files so that victims lose access to them until the ransom is paid or the files are recovered through other means, such as backups.
The City of Atlanta spent close to $3 million to recover lost data during a March 2018 cyberattack. In May 2019, a new strain of ransomware was used to attack the City of Baltimore, which will ultimately spend about $18 million to address the issue.
The August attack on Texas entities triggered a statewide response as well as support from the U.S. Department of Homeland Security, the FBI, and the Federal Emergency Management Administration. By the following week, the critical services of all victims in the incident had been restored, and the entities moved into a recovery period. The Texas Department of Information Resources, which oversees the State’s digital and computing resources, said it was not aware of any ransoms being paid in connection with the attack.
Texas suffered more than $195 million in total losses because of cyberattacks in 2018, according to the FBI’s annual Internet Crime Report. Ransomware attacks accounted for $725,000 of those losses, according to the report.
Acre said City leaders ought to take heed of the burden recent cyberattacks on municipalities have borne. And rather than underfunding information security or slashing resources, cities should make it a priority. He said chief technology officers at the City asked Baltimore City Council for more funding because they saw the need to shore up the City’s defenses against cyber threats, but the funds never came.
“I get budgeting,” he said. “But at some point, Baltimore didn’t make it high enough of a priority, and it cost them $17 million.”