Editor's note: This article was originally published in American City & County, which has merged with Smart Cities Dive to bring you expanded coverage of city innovation and local government.
Cities and counties are at risk today from ransomware due to a multitude of factors, says Jim Flynn, senior director of information security at CivicPlus, a web development and Android apps business that specializes in building city and county e-government communication systems.
Flynn says the COVID-19 pandemic has been a major catalyst for digital transformation for local governments. “As in-person services became limited or unavailable due to health restrictions, local governments were forced to quickly adopt digital solutions to continue providing essential services to residents. This included rapidly deploying online platforms for public services, remote work capabilities for government employees and digital communication tools to engage with citizens. As a result, local governments now collect and store a greater amount of sensitive information, making them a prime target for ransomware.”
Elections have also been a factor, Flynn believes. “Past elections, particularly in 2016 and 2020, saw various cyberthreats targeting election infrastructure, including ransomware, and 2024 was no exception. Tensions have reached an unprecedented level, making local governments prime targets for cybercriminals and even state-sponsored actors looking to disrupt the electoral process, undermine public trust, or cause chaos.”
In addition, Flynn notes, cybercriminals now carry out highly targeted and prolonged attacks against local governments. “Such attacks involve advanced tools and techniques to infiltrate networks, often remaining undetected for long periods of time, and allowing attackers to gather sensitive information or disrupt operations.”
Flynn tells Co-op Solutions that cities and counties face many cyberthreats, with the most significant risks concentrated around email systems, cloud applications and IT hardware. “For email systems, phishing attacks are the key mechanisms to try and trick employees into revealing sensitive information. Misconfigurations of cloud applications can result in improper access controls and unprotected data, and if those cloud systems are not adequately protected, supply chain risks of third parties can leave local governments at risk.”
And local government IT administrators should check on the following, says Flynn: “Out-of-date hardware or unpatched systems can expose local governments to cyberattacks, resulting in exposed government data.”
What first step should cities & counties take to ensure the security of their IT systems? Flynn suggests: “Local governments need to perform an assessment of critical IT systems to identify risks, vulnerabilities, and gaps in their cybersecurity needs. They can consider employing the NIST Cybersecurity Framework (CSF) 2.0 or NIST 800-53 Rev 5, and using the tools and resources of the Cybersecurity & Infrastructure Security Agency (CISA).”
Flynn urges local governments to set up multi-factor authentication (MFA) on their agency IT systems. “MFA is a simple way to effectively reduce your chances of being the victim of a cyberattack. While we often highlight the increased sophistication of cyberattacks and nation-states, the reality is that attackers are logging in more than they are breaking in. This means that most ransomware attacks directly result from compromised credentials. These credentials are often obtained through phishing attacks, brute force attacks, or by exploiting weak or reused passwords.”
As they implement MFA on their systems, Flynn urges IT administrators to employ these additional tactics: strong password policies, role-based access control, least privilege access, and separation of duties. Two additional tools that are worth deploying on agency IT systems, says Flynn: endpoint detection and response (EDR) to monitor and respond to suspicious activity, and a security information and event management (SIEM) solution that can be used by IT officials to aggregate and analyze security data in real time, and quickly respond to events.
Agencies, adds Flynn, need to regularly update software and systems to close vulnerabilities that hackers could exploit. “Local governments must conduct regular scans to identify and address vulnerabilities in the network. Unpatched systems account for a significant portion of cyberattacks, and systems that are not kept up to date will not only be at a higher risk of attack but could also present a challenge of getting them quickly up to date in a zero-day vulnerability scenario.”
Planning is crucial, Flynn explains. “Local governments should have robust incident-response (IR) plans in place to respond to cyberattacks and conduct regular tabletop exercises to simulate different cyberattack scenarios and refine the response process.”
And yes, security awareness and training are essential for today’s IT teams, Flynn believes. “Local governments need to run regular phishing simulation exercises to teach employees how to recognize and avoid phishing attacks. There also must be employee education on best practices for cybersecurity, including recognizing social engineering attacks and the importance of password security.”
Artificial intelligence (AI), says Flynn, could be a mixed blessing for cities and counties in their efforts to secure their IT systems. He notes that AI offers a great opportunity for local governments to automate and increase scalability, productivity and observability. On the other hand, he sees a need for governance to address the complexity and potential risks of AI in the cybersecurity domain. He points to the following areas where increased governance should be explored:
The ethical use of AI and complexity of AI systems
Mitigating risks of AI exploitation
Compliance and legal regulations
Institutions’ trust in AI
OMNIA Partners, which sponsors this page, offers a robust portfolio of cooperative contracts in the public procurement space. The firm lists a number of cooperative contracts under the keyword “security.”