The White House is urging mayors across the US to be more proactive about cybersecurity measures and meet with state-level officials to test their cybersecurity posture as attacks continue to plague both small towns and major metropolitan areas.
Anne Neuberger, the deputy National Security Advisor for Cyber and Emerging Technology, spoke to a bipartisan group of mayors virtually during a US Conference of Mayors event this week, addressing the spate of ransomware attacks on dozens of cities over the last two years.
Neuberger "urged mayors to immediately convene heads of state agencies to review their cybersecurity posture and continuity plans," according to a White House readout of the meeting.
Multiple cities, including Tulsa, Atlanta, New Orleans, Baltimore and others, have dealt with ransomware attacks and other breaches by criminal groups in recent months. Two weeks ago, Tulsa was forced to notify city residents that some of their personal information may be on the dark web thanks to a ransomware attack in May by prolific cybercriminal group Conti.
Many cities and towns do not make ransom payments public, as noted in a recent report from eSentire that found ransomware gangs like Ryuk launched attacks on "Jackson County, Georgia, which paid a $400 000 ransom; Riviera Beach, Florida, which paid $594 000; and LaPorte County, Indiana, which paid $130 000."
In addition to attacks on government infrastructure, ransomware groups made hundreds of millions of dollars throughout 2020 and 2019 by attacking hospitals across the country.
Neuberger said the White House is working to "disrupt ransomware infrastructure" through coordination with private cybersecurity firms and partnering with other countries to "hold countries who harbor ransom actors accountable."
She did not go into detail about what specific actions are being taken against ransomware groups. Still, She said the White House is continuing to use cryptocurrency exchanges as a way to track down threat actors.
They are also in the process of creating a "cohesive and consistent approach" when it comes to whether local communities should go through with ransom payments, which dozens of towns and cities have already paid.
Neuberger also touted the administration's "Improving the Nation's Cybersecurity" Executive Order and said the FBI, as well as CISA, are ready to help cities facing ransomware attacks. She outlined efforts the federal government is making to secure critical industries like the electric sector, pipelines, water treatment plants and chemical plants.
The federal government is working on a pilot program called the Cybersecurity Industrial Control Systems Initiative, which Neuberger said will "strengthen cyber resilience in the electric sector."
Cybersecurity expert Chloé Messdaghi told ZDNet that legacy equipment, inadequate or even undesignated cybersecurity budgets, and challenges finding and up-skilling talent are all substantial problems across the public sector promoting the increase in ransomware attacks.
"Whether public or private sector, the thing to remember is that everyone is a target. Outdated equipment, missed patches, inadequate staffing and tight budgets are a huge problem across the public sector," Messdaghi said.
"Getting employees to update their systems in time is such a challenge, and the slower that cities and towns are to patch and update their systems, the more at risk they put the public they serve."