The Top 4 Cyber Security Threats to Local Governments in 2023

Cyber Security Attacks

The Top 4 cyber-threats for cities and counties



In 2022, the public sector had the second most cyber-attacks, second only to the entertainment industry.

Over 200 local governments got hit with ransomware in 2022. The actual number of local governments affected is ten times that amount … not a great scenario.

As IT and technology continue to transform cities and counties, and their citizens. Cybercriminals are also changing the way they conduct their attacks.

Also, keep in mind that cyber-attacks are no longer just from hackers in their basements. The majority are now sophisticated cyber criminals, organizations, and nation-states.

This short article will address the top 4 cybersecurity threats for local governments.

The increasing cyber-risks for local governments

Why are cities and counties at a higher risk of cyber-attacks? Because local governments keep a large amount of sensitive data, including personal information, financial records, and medical records. This information is very valuable to cybercriminals, who will sell it on the dark web or use it for identity theft.

Also, local governments have limited budgets and resources, making them susceptible to cyber-attacks. They often need more funding or staffing to invest in the latest cybersecurity technologies and implement proper protocols.

In addition, cities and counties often have complex IT systems, making them harder to keep secure. These systems include different hardware and software. Some of which are legacy systems that are outdated or no longer supported by the manufacturer.


The impact of cyber threats on local governments

The impact of cyber-attacks on cities and counties can be severe and extensive. Depending on the attack, it can lead to the loss or theft of sensitive data, disruption of critical services and financial losses.

Cyber-attacks can also damage the reputation of cities and counties, and erode public trust. In addition, cyber-attacks can result in costly and time-consuming remediation efforts, such as restoring data backups, repairing systems, and investigating the incident.

Overall, cyber-attacks’ impact on local governments can be devastating. We can’t emphasize enough the need for effective cyber security measures to prevent and mitigate the risk of such attacks.



The 4 biggest cyber threats for local governments in 2023


1. Phishing Attacks

Phishing attacks continue to be the number one way cyber criminals will attack and breach your city and county officials, businesses and citizens.

Phishing, viishing and smishing attacksAccording to an article from The GNC, almost half of the phishing attacks in 2022 were aimed at government employees … making you the biggest target in the country!

Mobile phishing

At the same time, phishing attacks are increasing; governments have drastically increased their reliance on unmanaged and unsecured mobile devices. A move that makes it easier for cybercriminals to employ mobile phishing tactics.

As a quick review: Phishing attacks are a type of social engineering attack. It’s where a hacker or cybercriminal sends emails or messages that appear to be from a reputable source, such as a bank or a well-known company.

The messages typically contain a link or attachment. When clicked or opened, lead to a malicious website or malware being downloaded onto the victim’s device. Phishing attacks aim to trick the victim into divulging sensitive information, such as login credentials or financial information.

Imagine IT, a 25-year MSP that works with local governments, notes that “phishing attacks are on the rise and are very believable.”

They believe that phishing training is the best way for local governments to protect their cities and counties.  Creating and scheduling regular phishing scam email simulations is part of their security system and can reduce the chances of a breach by a big percentage.


2. Ransomware

Ransomware is malware that encrypts your data and demands a ransom payment in exchange for the decryption key.

RansomwareAccording to Sophos, “58% of local government organizations were hit by ransomware in 2022, up from 34% in 2021.” This is a 70% rise over the course of a year, demonstrating that cybercriminals have become considerably more capable of executing the most significant attacks on local governments.

Ransomware in state and local governments is a significant threat to all branches and departments.

In the best-case scenario:

A successful ransomware attack hits a city or county office. Because the office has allocated enough time and resources, a fully layered cyber security system, and employee observance of proper security procedures. The negative effects on services and infrastructure related to the attack are zero or minimal, and little financial costs are incurred.

In the worst-case scenario:

A successful ransomware attack targets a government office, and no one in the office is prepared. There needs to be more security protocols or procedures to follow. Resources are stretched too thin, and incident response  be faster. In addition, the cyber-attackers can hold necessary government infrastructure for ransom — potentially draining departments of taxpayer funds and even shutting down vital public services.

Challenges to cities and counties trying to fight ransomware

State and local governments are attractive targets because they often have weak cybersecurity. They may need more resources and access to skilled cybersecurity professionals than tech giants in the private sector have.

Also, the many public-facing operations of governments, such as driver’s licenses and permit applications, add up to a larger surface area for hackers to launch ransomware attacks.

Ransomware groups know that some government services, like water treatment or 911 services, are critical to citizens and believe they can get paid to restore them.

This puts vulnerable citizens’ lives at risk

To protect against cyber-attacks, state and local governments can follow guidance from federal cybersecurity agencies like CISA and NIST.

They can also establish routine data backups, implement multifactor authentication and zero trust policies, continuously monitor systems, get cyber insurance, segment networks, update and patch systems regularly, train employees, collaborate with state partners, vet third-party dependencies, and conduct proactive risk assessments.



3. Insider Threats

These threats are a major concern for local governments, as employees or contractors usually carry out these attacks with authorized access to your networks.

Insider threatsThis type of threat come in many forms, including theft of sensitive and personal information, sabotaging systems, or unintentional actions by unsuspecting employees that lead to cyber-security breaches.

Insider threats cause 60% of cyber-attacks

According to a report by the Ponemon Institute, insider threats are responsible for over 60% of all cyber-attacks and breaches.  This underscores the significance of preventing and detecting insider threats to protect sensitive government information and services.

Insider threats are very hard to detect

These people most often have legal and legitimate access to your cities and counties’ sensitive information and systems, making it challenging at best to identify Illegal activity. Additionally, insiders could know the current security measures, helping them evade detection.

One example of an insider threat to local governments occurred in Atlanta, Georgia, where a former employee of the city’s IT department was able to gain access to the city’s network and deploy ransomware. The attack caused widespread disruption to city services, costing millions of dollars to remediate.

How to prevent Insider threats?

To prevent and lessen insider threats, cities, and counties are implementing various cybersecurity measures and protocols.

These include background checks and security clearances for employees, monitoring access and activity of the system, and providing regular security training for employees. Some local governments are also using behavioral analytics to help detect unusual activity on their networks.

In addition, Managed IT Service Providers, like Imagine IT, are working with local governments and implementing multi-factor authentication and encryption to protect against insider threats.

Insider threats pose a significant cyber risk to local cities and counties, and it is vital for you to take preemptive measures to stop and detect these attacks. By implementing a fully-layered cyber security system, local governments can help protect against insider threats and ensure the safety and privacy of their citizens.


4. Internet of Things (IoT) Devices

The ‘Internet of Things,’ (IoT) is everywhere, in your office, city, county, daily, and everywhere.

A shield protecting a bunch of different mobile devices regarding cyber securityOffices, courtrooms, classrooms, and coffee shops, wherever you go, people are donning a smart device like iPhone or Android, a bracelet, or even using a water bottle that reminds them when it’s time to drink!

The uses across every industry are increasing daily.

Local governments are in the thick of things, and these devices must be secured!

The essential characteristics of an IoT include sensing, communicating, computing, controlling, and informing. The ability to have devices, mobile or otherwise, connect to networks and generate data is the distinction between ordinary, run-of-the-mill devices and something with the potential to be transformative.

In IoT networks, multiple complex systems work together, often with different components designed and managed by separate entities.

IoT: A new cyber-challenge for local governments

As new technologies emerge, local government officials must be aware of the challenges they bring and cautiously consider their deployment.

The benefits of IoTs are considerable. But they must be balanced with concerns about citizen privacy and cyber security. Local governments must prepare to steward the public’s data in the context of IoTs, requiring changes to existing policies and structures.

Local governments need help with these responsibilities and need to be fully prepared to manage the data collected by IoTs. In addition, as technology evolves faster than organizations and public policies, local governments must carefully consider key issues when implementing IoTs.

Technology has evolved faster than the organizations trying to use them, and public policies still need to catch up to emerging technologies. IoTs represent a new type of technology quickly outpacing the range of government structures and procedures used to manage IT investments and the data collected.

All governments considering the IoT, particularly local governments already struggling with data stewardship responsibilities, should consider the following three issues carefully.


How can local governments protect against IoT threats?

There are several ways cities and counties can cyber-protect devices, including:

Segmenting networks: Divide your network into smaller segments.

Implementing strong passwords: Even use a password manager.

Regularly updating software: Ensuring you have the latest security patches.

Monitoring network traffic: To detect and prevent suspicious activity on your network.

Using encryption: Helping protect sensitive data transmitted by IoT devices.

The Internet of Things (IoT) poses a significant cyber threat to local governments. They must take proactive measures to protect against these cyber-attacks. By implementing best practices for IoT security, local governments can help ensure the safety and privacy of their residents.



The increasing use of technology in city and county operations has brought new weaknesses and threats. From ransomware and phishing attacks to insider threats and IoT susceptibilities. Cities and counties must prepared to face these challenges. And protect the personal data and critical services they provide to citizens.

At Imagine IT, effective cyber security requires collaboration between technology providers, local governments, and citizens.

By working together to implement best practices and stay knowledgeable about emerging cyber threats. We can help ensure the safety and privacy of our communities.

Ultimately, protecting our cities and counties from cyber threats requires a combination of technical expertise. Including policy frameworks, and ongoing vigilance. As we continue to innovate and implement new technologies in our communities. We must also remain vigilant and committed to keeping our citizens safe and cyber-secure.


Check out our fully-layered enterprise grade cyber security solution created for cities, counties and small business.

The Security Shield


Thank you for your referral!