Cyber threats (still) loom for municipalities

Every new year seems to mark another ‘worst year ever’ for cyber crime. As municipalities continue to digitize and launch online services, new vulnerabilities are introduced that open the door for cyber attacks.

In 2021, there were more than 235 ransomware incidents in Canada. In recent months, Canadian public institutions have reported an increasing number of high-profile cyber attacks.

Municipalities are increasingly becoming targets for cyber criminals, primarily because their systems maintain large volumes of personal information about their residents (e.g., property tax information) and connect to the critical infrastructure they operate. When an attack succeeds, a municipality faces potentially devastating costs and other far-reaching consequences.

The average estimated cost of a data breach in Canada has reached $6.35 million. This includes costs related to business disruption, reputational damages, post-breach response activities, among many other things.

Ransomware is quickly becoming the most common form of cyber crime for municipalities. In a ransomware attack, a cyber criminal will employ numerous tactics to gain access to a victim’s network to control, encrypt, steal, expose or delete data until a ransom payment is made.

There are steps municipalities can take to ensure they are both prepared for and protected from cyber attacks. These include:

  • Conducting risk assessment(s)
  • Completing software updates, patching, and data backups
  • Implementing foundational technologies, like identity-first and endpoint security
  • Communicating cyber security policies and providing cyber security training to employees
  • Partnering with a managed security services provider

For more information, please contact danb [at] (Dan Blackburn), Senior Director of Growth & Innovation.