PHILADELPHIA -- The emails showing up on office computers asked about a recent Amazon order. Local government employees in various South Jersey towns were told to click to see the status of the order.
"And most people will click that," said Lou Romero, a cybersecurity expert. "And my question is, 'Did you order anything on Amazon? (No.) Then why are you clicking on it?'"
Romero, not Amazon, had sent the emails to test how his cyber training was working.
And, yes, some of his pupils did click.
But had such an email come from a malicious source, a municipality's whole system could have been compromised. The town's ability to function could have been held hostage for a ransom. Romero has seen it happen.
Ransomware has targeted more than 70 local and state governments so far this year, according to a report by researchers at Barracuda, an IT security company. Among those hit were municipalities in Florida and Texas, and Baltimore, where hackers locked away critical files. Baltimore didn't pay the ransom, but officials said the attack will cost the city $18 million. In July, the U.S. Department of Homeland Security partnered with national groups to urge governments to take advantage of the best practices and resources to protect themselves.
Sponsored Video Stories
"These evolving and sophisticated attacks are damaging and costly," the Barracuda researchers wrote. "They can cripple day-to-day operations, cause chaos, and result in financial losses from downtime, ransom payments, recovery costs, and other unbudgeted and unanticipated expenses."
Because most municipalities don't have millions to spend on cybersecurity the way big corporations do, they can be easy prey, Romero said. Several local governments in the region, wary of attacks, declined to talk about their cybersecurity strategies.
"The odds of a municipality becoming a cyber victim are one in four," said Romero, a consultant for 64 South Jersey municipalities. "So it's not a matter of if, it's only a matter of time."
It's not that municipalities are being attacked by ransomware more often than individuals and corporations, said Eric Cornelius, chief product officer for BlackBerry's Cylance, which sells cybersecurity software and services.