skip to Main Content

The Economics of Ransomware: How Cities Need to Prioritize Cybersecurity Operations

Consider the following: When a city’s data center is compromised, crippling its email and other communication systems, how does the mayor, CIO and other leaders communicate with staff to address the threat? In conversations we’ve had recently had with city leaderships, we found a trend: When you take down data centers, you take down the entire city’s ability to communicate.

Municipalities, like all modern organizations, are transitioning to digital primacy in their operations, but it’s leaving behind some substantial security oversights and blind spots. This trend coincides with an ongoing ransomware crisis that has started to target city governments more and more frequently. The number of ransomware attacks hitting cities has surpassed 100 per year.

Recent examples include Baltimore, Atlanta, Knoxville, Pensacola, New Orleans, and Tulsa. Across these incidents, attackers demanded ransoms, often in Bitcoin, in exchange for access to utilities, official city communications, court systems, traffic operations, and day-to-day government employee activity.

So the threat’s existence is evident, requiring an investment in cybersecurity practices. Generally, city leaderships agree that it is vital to avoid paying ransoms to prevent incentivizing future criminal behavior. But modern-day cities are discovering what the business community has run into in the past. Protection doesn’t necessarily scale with investment.

In January of 2020, New Orleans revealed that its costs to recover lost access and functionality from its ransomware attack reached more than $7 million and nearly nine months of work. Cyber insurance, meanwhile, covered approximately $3 million of the expenses.

Cybersecurity is no longer just the realm of the information technology departments.  All aspects of state, county and city governments, from legal to risk management to operations, need to understand how a cyber attack impacts their core economics. 

Evolver provides cybersecurity clients with modern protection every day, supporting hundreds of end users across the Federal government, local municipalities, and private businesses. Learn more about our cyber operations, risk management solutions, and auditing services.

New funding sources are creating an opportunity to create more resilient systems. Funds from the trillions earmarked for pandemic response in 2020 include funds for digital infrastructure, including broadband support for remote workers and cybersecurity protection for critical health systems, such as water delivery. The attacks that recently affected the East Coast supply of gasoline prompted a response from the White House in the form of an executive order on cybersecurity, with potential future legislation on the way. And the ongoing discussion on the expansive nature of national infrastructure has ramifications for cybersecurity spending as well. 


Amid all these funding sources, the ability to set up a cybersecurity preparedness plan is there. But the critical factor will be the expertise in knowing which cyber operations are highest priority for which city. Because like any two given businesses, two city systems can vastly differ in their approach to data storage, access clearance, existing redundancy, and parallel systems. Because of the multiple threat vectors, city leaders have to be aware of the most needed cyber operations offerings that may apply in their unique cybersecurity set-ups.


Here are some examples:

Endpoint Security

As government employees attach their personal devices to a network, cities must be prepared to protect mobile devices, personal computers, and devices considered part of the Internet of Things. As employees transition back to work, this hybrid culture of remote and on premise security provides even greater challenges.

Cloud Security

Cities need to ensure continuous access to data by critical employees and smooth user interaction with a security strategy adapted for public cloud, private data center, or hybrid implementations. Balancing the cost of cloud capabilities with the security challenges requires close coordination between municipality IT leadership and security staff.

Data Security

Municipal governments must fiercely guard the integrity of critical data, not only to protect residents, but to ensure continuity of essential functions. Additionally, unlike many commercial companies, municipal governments have more stringent data retention, records management and regulatory requirements that have to be met.

Identity Access Management

Municipalities must manage specific user access needs, minimizing the ability for a single phishing attack to bring down the entire system.

You can contact our team to learn how Evolver provides cyber operations across entire organizations, including endpoint security, network security, application security, identity management, and more. You can also learn more about all of Evolver’s cybersecurity offerings on our services page.

Back To Top