Syracuse, New York — Following ransomware attacks in Central New York this summer, U.S. Rep. John Katko (NY-24), Ranking Member on the House Homeland Security Committee’s Cybersecurity, Infrastructure Protection & Innovation Subcommittee, today hosted a roundtable discussion at the Onondaga County Water Authority (OCWA) with Department of Homeland Security (DHS) officials to assist local elected officials and municipalities in strengthening cybersecurity protections.
Rep. Katko was joined by representatives from the DHS Cybersecurity and Infrastructure Security Agency (CISA), the Multi-State Information Sharing and Analysis Center (MS-ISAC), and cybersecurity provider Crowdstrike, as well as City of Syracuse Mayor Ben Walsh, Onondaga County Executive Ryan McMahon, and other local stakeholders.
“Ransomware attacks on state and local governments continue to increase nationwide, leaving municipalities vulnerable and facing massive costs. Many cities have outdated information technology, limited budgets, and lack of cybersecurity training which can make it easier for hackers to infiltrate networks. With recent attacks on the City of Syracuse School District and the Onondaga County Public Library System, it’s clear our community is no exception,” said Rep. John Katko. “Our local governments face many challenges in defending their networks, and today’s roundtable connected local stakeholders with Department of Homeland Security officials for a discussion on identifying cybersecurity attacks, mitigating risks, and planning how to respond to an attack.”
There were fifty-three ransomware attacks on cities in 2018. In the first quarter of 2019, there were twenty-one attacks, on pace for sixty-five attacks for the year. The Syracuse City School District and the Onondaga County Library System suffered a ransomware attacks from unknown threat actors last month. While many of their systems have been brought back on line, some are still in the process. With the help of cybersecurity experts, the school district was able to regain access to the data within twenty-four hours of the attack. However, recovering from the attack could cost them up to $50,000, which the district expects to be covered by their insurance.
Additionally, Rep. Katko announced legislation key to protecting state and local governments from cyberattacks.
"Today’s roundtable discussion was just a start,” continued Rep. Katko. “In Congress, addressing cyber threats has been among my top priorities on the Committee on Homeland Security. That’s why I’ve introduced bipartisan legislation to create a resource guide for State and local governments to navigate how to mitigate vulnerabilities, respond to, and recover from cyberattacks. It also creates grant programs to help local governments bolster cybersecurity protections by identifying high value assets, and to assist in planning and performing exercises to mitigate damages if a cyberattack occurs.”
The bipartisan State and Local Government Cybersecurity Improvement Act provides resources and grants to help communities protect against cyberattacks. Specifically, the bill:
- Directs the Cybersecurity and Infrastructure Security Agency (CISA) to create a resource guide to help officials prepare for, protect against, respond to, recover from and mitigate against cyberattacks.
- Creates two new grant programs to help State and local governments mitigate cyber risk. The first grant is a one-time, matching grant program which State and local governments may use to identify high value assets (HVAs) and critical system architecture in their networks. Identifying HVAs and critical system architecture is a crucial step in securing networks; if a government does not know what assets exist on its system, it is more difficult to protect those assets. The second grant program will help State and local governments defer the costs of conducting cybersecurity exercises, which are essential to preparing organizations facing ransomware attacks.