No Surprise: Public Sector Braces for Increased Ransomware and Cloud Attacks in 2025

Key Takeaways

Ransomware attacks on local governments are increasing, with an 8% rise in North America.
Social engineering and weak access controls are greater risks than technology vulnerabilities.
Implementing AI and advanced cybersecurity solutions can significantly enhance local governments’ defenses.

Rising Cyber Threats to Local Governments

Douglas McKee, executive director at SonicWall, highlights the growing risks of ransomware for cities and counties, which are increasingly targeted by cybercriminals. Local governments are often seen as easy targets by threat actors, similar to small and midsize businesses (SMBs). The SonicWall 2024 Threat Report indicates an 8% year-over-year rise in ransomware incidents along with a 33% increase in business email compromise.

McKee attributes the heightened vulnerability of local governments to several factors. Limited security budgets, less developed security programs, and slow adaption to emerging threats contribute to this trend. Social engineering tactics, misconfigurations, and weak access controls are major vulnerabilities that expose government entities to attacks more than their actual technological systems.

To combat these threats, local governments are adopting advanced cybersecurity measures. McKee points out that leveraging next-generation tools such as artificial intelligence (AI), advanced firewalls, and endpoint detection and response (EDR) solutions can enhance their real-time threat monitoring and automated responses to cyber threats.

He stresses the importance of collaboration between government agencies and cybersecurity experts. Implementing 24/7 monitoring can significantly bolster prevention, detection, and response efforts. Such partnerships streamline essential functions, like patch management and identifying vulnerabilities, which can reduce the critical window for addressing security flaws.

Despite some efforts, public sector agencies continue to struggle with adopting industry best practices for cyber detection and response. McKee advises prioritizing real-time patch management, adopting a Zero Trust security model, and establishing a dedicated security operations center (SOC). Managed service providers (MSPs) and managed security service providers (MSSPs) play key roles in these efforts, managing IT infrastructure and specialized cybersecurity services.

Strengthening defenses against ransomware involves several strategies, including maintaining regular backups, utilizing EDR, segmenting networks, and securing Internet of Things (IoT) devices through multi-factor authentication (MFA) and restricted access protocols. Continuous cybersecurity awareness training is also vital, as human error remains a significant risk factor.

Lastly, McKee emphasizes the potential of AI in enhancing the security frameworks of cities and counties. By automating routine tasks and identifying vulnerabilities, AI frees human resources to tackle more complex security challenges, ultimately leading to a more robust security posture for local governments.

The content above is a summary. For more details, see the source article.