Fewer than one in four city employees receive cyber training related to ransomware threats as budgets for managing cyberattacks have stagnated across U.S. state institutions.
A new poll of state and local government IT/security professionals has found that 73% of government employees are concerned about ransomware threats to cities across the country. In fact, more employees fear cyberattacks against their community than natural disasters and terrorist attacks.
Ransomware hit more than 100 cities across the United States in 2019, according to the new Harris Poll, sponsored by IBM. Ransomware attacks might be even more widespread, with 1 in 6 respondents disclosing their department was impacted by such an attack.
However, despite this insurgence, half of employees surveyed have seen no change in their employers’ preparedness, with only 38% receiving general ransomware-prevention training. Worse still, budgets for managing cyberattacks are at a standstill, according 52% of state and local government IT/Security professionals polled.
63% of respondents also fear that a cyberattack could disrupt the upcoming presidential elections, with most government employees placing their local Board of Elections among the three most vulnerable systems in their communities. The report authors speculate that cyberattacks can be used to weaken confidence in systems for voters, or even impede them from casting ballots.
In another key finding, the research also showed that Public Education was the 7th-most-targeted industry by ransomware operators in 2019. 78% of government employees believe the federal government should help communities respond to cyberattacks, echoing sentiments from a 2019 poll where 50% of U.S. taxpayers felt the same. 76% of state and local employees also believe cyberattacks warrant emergency support, like natural disasters.
Ransomware attacks on U.S. government institutions and critical infrastructures are increasing in 2020, with new incidents reported almost every other day.
According to a Bitdefender survey of more than 6,000 infosec professionals in large organizations across the US, EMEA and APAC, the best way to defend against advanced cyber-attacks is to provide training and support. This consensus is supported by the fact that organizations placing more emphasis on training are better at detecting attacks quickly, and more efficient at isolating them.