Towns say preparation invaluable in fight against ransomware

NORTH KINGSTOWN, R.I. — A ransomware attack is less likely these days to create a hostage-taking of information in local governments, say officials, because of beefed-up security.

North Kingstown recently faced the threat of one but quickly beat back any effort to extort money for unlocking information that was illegally accessed. Narragansett and South Kingstown officials said their towns have strong protections in place.

“Cybersecurity is an ever-present and changing threat to municipal government, state government, federal government, and private businesses, and it is critical for all these entities to remain vigilant,” said South Kingstown Town Manager James Manni.

He knows the effects first-hand as a former Rhode Island State Police Superintendent whose department has a special office dedicated to investigating these crimes.

James Tierney, Narragansett Town manager who also has an extensive history in law enforcement, agreed.

“As the cyber threat landscape has changed, the Town has changed with it, the use of two-factor authentication, advanced email filtering, and cybersecurity awareness training are among a few of the systems implemented to better protect our systems and data,” he said.

Ralph Mollis, North Kingstown town manager, said in a prepared statement that his town has “real world” experience following a triggered alert at 4 a.m. on Saturday, April 22, that had been the target of a ransomware attack.

He did not specify how that trigger happened and how a 4 a.m. notice was picked up by staff members.

The town “has learned the security measures we had in place worked as intended. The town last invested in an external cyber security audit with Stealth-ISS in 2021, which resulted in the recommended security measures being implemented,” he said.

“Our enterprise resource planning solution software which integrates payment processing, human resources, purchasing, fixed assets, and revenue streams was temporarily suspended out of an abundance of caution,” he said.

Mollis also said that the town will continue to maintain its cyber security insurance policy that is in good standing and operate according to data security best practices. It is also undertaking a forensic audit that may reveal additional information.

Sophos, cyber security experts, said in its State of Ransomware in State and Local Government 2022 that cyber security insurance is helping organizations to improve their security measures.

It said that 80% of state and local government organizations reported having cyber insurance coverage against ransomware, lower than the cross-sector average of 83%.

The study also reveals an increasingly challenging threat environment with state and local government reporting an above-average increase in the perceived volume of attacks and the impact of attacks.

It also sheds light on the relationship between ransomware and cyber insurance, including the role cyber insurance is playing in driving changes to cyber defenses for greater protection.

“While the cyberattack will ultimately bear some cost to the town in the form of license and software upgrades and select unit replacements, had preventative measures not been in place, the effects would have been crippling,” he said.

Systems and flags to address cyber vulnerabilities and malicious enterprises “worked as designed,” he said without describing in detail the process.

He said that the town found data and personal information had been protected from access and theft, he said.

Mollis, Manni and Tierney said that their employees have been trained in protecting and keeping secure data issues and personal information.

“The Town of South Kingstown has taken important steps to ensure the safety of our data,” Manni noted, including staff participating in monthly cybersecurity training, multi-factor authentication has been in use since 2020, and the town email system/website are in the process of transitioning to a more secure system,” he said.

“Cybersecurity and data protection remain a top priority for town leadership,” he added.

Tierney said that Narragansett fully supports the need for cybersecurity as President Biden explained in his March 1st, 2023 National Cybersecurity Strategy.

“The Town of Narragansett takes the threat of cyber disruption seriously and has endeavored to remain vigilant and prepared,” he said.