Many leaders of smaller city and county governments are excited about a new $1 billion federal cybersecurity grant program, but they're worried they'll miss out on the money because they don't have the resources or expertise to create proposals, Jenni Bergal reports for Stateline.
The funding comes from the $1.2 trillion infrastructure law, and will be distributed to states over the next four years through the Federal Emergency Management Agency. States must ensure that 25 percent of the money goes to rural areas, and 80 percent overall to local governments, Bergal reports.
The need for funding is dire in rural areas. "Ransomware has wreaked havoc on local governments in the past several years. It typically spreads when hackers email malicious links or attachments that people unwittingly click on. Malware then hijacks the computer system and encrypts data, holding it hostage until victims either restore the system on their own or pay a ransom, usually in bitcoin, in exchange for a decryption key," Bergal reports. "Last year, there were at least 77 successful attacks on local and state governments and another 88 on school districts, colleges and universities."
Local governments, particularly in rural areas, are far less equipped to deal with a cyberattack. Their computer systems tend to be older, and their staff tend to have less training in how to deter such attacks, Bergal reports.
"In rural communities, the IT person, who is probably also the public works director or the city recorder, is expected to know what software they need to buy or how at risk they are," Brenda Wilson, executive director of the Lane Council of Governments in Oregon, told Bergal. "They just don’t know. How can they put together a plan to submit to the state?"