[BreachExchange] Rural towns say they need a hand to fight off hackers and ransomware

[Terrell Byrd]

https://news.stlpublicradio.org/government-politics-issues/2022-01-31/rural-towns-say-they-need-a-hand-to-fight-off-hackers-and-ransomware


The federal government set aside $1 billion to help cities and counties
improve their cybersecurity, but rural communities worry they will be left
out and end up more susceptible to ransomware and other attacks.

The funding comes from the new infrastructure law, with $250 million
specifically allocated for rural areas. The funds are distributed to states
over the next four years and will begin going out later this year.

But rural community leaders say they lack the resources and expertise to
come up with a comprehensive cybersecurity plan and to pursue the grants.

“It’s just me and two other people who work for me,” said Scott Avery, the
city administrator in Houston, Missouri, population 2,500. “Getting and
administering any grant is a lot of work.”

In 2021, more than 150 cities, counties and school districts fell victim to
cyberattacks, according to cybersecurity company Emsisoft.

That led to disruptions in services, including delayed renewal of driver's
licenses and residents not being able to pay their tax bills. The attacks
shut down systems for weeks in some cases, and it took months to get back
to normal.

The need for security upgrades may be more pressing in rural areas than in
urban areas.

Last fall, Missouri State Auditor Nicole Galloway released a report
highlighting security flaws in several small, rural cities, counties and
courthouses.

Galloway cited specific cases of network passwords going unchanged for
years, simple passwords routinely shared with outside users and former
employees accessing government computers.

BJ Tanksley, Missouri’s director of broadband development, said the
regional and state agencies like his need to help.

“When we think about this kind of program, you can tap into statewide
networks of people who do this, like the libraries and the other types of
associations that have footprints all over the state,” he said.

Tanksley said the knowledge is out there, but regional and state agencies
will have to make it a priority to help rural communities protect their
digital assets. But they can only do so much.

“I don’t know that we are going to connect them with cybersecurity
systems,” he said, “but we can connect them to the education of what kinds
of systems are usable and try to get them to that point.”

The companies that sell internet service in rural areas might also help.

Mike Romano, vice president of the National Rural Broadband Association,
said he is working with his members — mostly rural telephone cooperatives
that also provide broadband service — on the problem.

“We’re aimed at helping small, rural broadband providers manage risk and do
whatever is possible to protect their networks from intrusion,” he said.
“You’re never bulletproof, but you take all the necessary steps to do as
best you can.”
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20220131/6746e752/attachment.html>