Cities and municipalities continue to be under siege from hackers. In the past three months alone, several cities have been targeted by cybercriminals (and these are just the publicly reported cases): Michigan City, Indiana; Yellowknife, Canada; Sugar Land, Texas; McKinney, Texas; and Attleboro, Massachusetts.
These attacks have disrupted everything from municipal billing systems to emergency services, and cities have often faced ransom demands to restore public operations.
“I would like to thank our IT team for working around the clock these past two weeks to ensure we can still provide services,” Mayor Angie Nelson Deuitch told local media in October. “The city’s focus is on safely restoring systems and ensuring critical city operations continue to function.” Her remarks reflect the enormous resources cities must devote to cleanup and recovery.
Last week we explored what MSPs can do to protect their municipal clients. This week, we bring you insights from someone who is literally in the trenches to provide an inside view of what municipalities are facing and how MSPs can help.
We spoke with Kishore Bitra, Collaboration Engineer at the Baltimore City Office of Information Technology, to hear his perspectives on threats to municipalities and practical steps for protection.
The evolving threat landscape
Q: How has the threat to municipalities evolved over the past few years?
Kishore Bitra: The threats to local governments and municipalities have intensified. Attackers continually refine their tactics, and many local governments lack the sophisticated tools to fight back. Data breaches in local municipalities are also on the rise.
The big dangers to watch
Q: What are the biggest cyber-dangers that municipalities face?
KB: Ransomware, phishing, and zero-day threats top the list. Local governments are frequently targeted due to underfunded IT systems, older technology, and limited cybersecurity personnel. This makes them easier targets for advanced attacks such as ransomware, phishing, supply chain breaches, and zero-day vulnerabilities. These incidents disrupt vital public services and put citizen data and essential infrastructure at risk.
Q: Are hackers targeting bigger or smaller cities and towns more, and why?
KB: Both large and small communities are targeted, depending on the attacker’s objective. If the goal is a significant ransom, larger budgets may be targeted. If the aim is to spread disruption or political messaging, smaller towns and cities are attractive because they often have weaker defenses. In short, attackers pursue opportunities regardless of a community’s size.
City services most at risk
Q: Which city services are most vital and susceptible to disruption by an attack?
KB: Public safety is, unsurprisingly, a top concern. Attackers frequently target services that people rely on daily—parking meters, water utilities, permit systems, 911 services, safety cameras, tax collection, and other essential operations—jeopardizing continuous city services.
MSPs for smaller cities: a viable path?
Q: Should smaller cities and towns outsource their IT to MSPs for more robust protection?
KB: Outsourcing to MSPs can be a wise move for small and medium-size communities that lack sufficient resources, provided security responsibilities are clearly managed by the MSP. MSPs can offer around-the-clock monitoring, patch management, Security Operations Center capabilities, compliance expertise, and predictable costs—capabilities that small in-house teams may struggle to provide.
Editor’s Note: MSPs come with a broad suite of services. For example, Barracuda Networks offers solutions to protect the vast trove of data that cities collect and process.
Photo: metamorworks / Shutterstock
