The Los Angeles Post

States and counties plead for cybersecurity assistance

by ·

Cash-short state and local governments are pleading with Congress to send them funds to shore up their cybersecurity as hackers look to exploit the crisis by targeting overwhelmed government offices.

Members of Congress have taken notice of cyber threats at the state and local level, both before and during the pandemic, and efforts are underway to address the challenges, though how much will be provided is uncertain amid a fight over the amount of additional coronavirus stimulus.

For Atlanta’s top cybersecurity official, any funds cannot come soon enough.

“We would love and welcome more funding from the federal government as our digital infrastructure is just expanding and it’s going to expand even more because of this,” Gary Brantley, the chief information officer for the city of Atlanta, told The Hill.

Brantley said that coronavirus-related attacks have become an issue for his office, particularly those targeted at his office through malicious phishing emails.

“We are seeing a lot more malicious activity, especially a lot of activity related to COVID-19,” Brantley said. “I know our phishing attacks are up tremendously across the city and attempts to confuse our user base are high.”

Prior to the pandemic, state and local governments were already plagued by cybersecurity threats.

Ongoing attacks: Ransomware attacks, in which the attacker encrypts a system and demands money to unlock it, have increasingly hit government entities across the nation over the past two years.

The city governments of New Orleans and Baltimore had their networks temporarily taken out by ransomware attacks last year, while a coordinated attack on almost two dozen Texas towns in August and attacks on multiple school districts in Louisiana also highlighted the threat.

Atlanta was another city that fell victim to a ransomware attack. The 2018 incident negatively impacted city networks for months, and forced residents to pay some bills by paper. The city spent millions to recover from the attack, and the Justice Department later indicted two Iranian nationals in connection to that attack.

Brantley said lessons learned from the 2018 cyberattack helped prepare the city for new threats that have come up during the pandemic.

“We went from a computer virus to a human virus, and I just recall thinking we were focusing on the right thing, we didn’t expect this [the pandemic] to happen, but we were focusing on our business continuity plans,” Brantley said. “From a mobile workforce perspective, the one thing people don’t really take into consideration is strong IT.”

Critical time: But with states increasingly facing budget shortages and even potential bankruptcy from the impact of COVID-19 shutdowns, cybersecurity funding is uncertain at a time when more people are working from home and placing stress on systems and when hackers are zeroing in.