Rural towns are a target for hackers

Published 9:07 pm Wednesday, August 28, 2019

EDITORIAL

The Advocate-Messenger

Hackers and scammers are everywhere these days. Spoofed phone calls bombard most of us daily; emails are constantly landing in our inboxes with misleading links and dangerous files attached; security breaches at major companies have probably put some amount of your personal information in the hands of data thieves.

Email newsletter signup

We often think of hackers as targeting individuals, or in the case of hacked databases, information about large numbers of individuals.

But new reporting from the New York Times has shed some light on a surprising target that’s becoming a favorite of hackers around the globe: city governments.

Hackers are trying and sometimes succeeding in infiltrating city government computers, stealing cities’ data and often holding it for exorbitant ransoms. Right now, there are 22 towns in Texas who had their data stolen and held for millions in ransom by a “single threat actor,” according to the Times.

It’s not just small towns being targeted — Atlanta and Baltimore have been victims, as well — but small towns are the biggest target because they may be more likely to have weak cyber-defenses, according to the reporting.

Unfortunately for many cities that get hacked, the best option in a terrible situation is to pay the ransom and get their data back. Because local governments are so reliant on databases and computer systems, losing the information on which they run is akin to a natural disaster blowing away half the town.

This should be a wake-up call for all city and county governments here in central Kentucky. Leaders shouldn’t fall into the trap of thinking they’re too small to attract the attention of hackers. The small size of many Kentucky towns might actually make them prime targets — and a successful hack could be devastating for city services or even the local tax rates if a big payout is required to restore everything.

We also shouldn’t be lulled into thinking this is a fad that will fade, or that security improvements will eventually lead to the demise of these hackers. Internet security has been and always will be a never-ending arms race. As soon as someone develops new security measures that stop the old threats, the stymied hackers will begin developing new tricks and finding new vulnerabilities.

Kentucky cities should assume they are already the target of these malicious actors and make sure they are doing everything they can to be proactive today.

Employees must be trained to identify scam emails. IT professionals must be hired to create secure systems that are difficult to attack. Data must be backed up in multiple ways and at locations hackers can’t reach. And cities must develop plans of action for what to do if and when the worst occurs, so that their reactions are logical and effective, not knee-jerk.