Public agencies are responsible for essential services: 911 dispatch, utilities, schools, courts and more. When ransomware strikes, the damage is not only financial, it also interrupts the services that people rely on each day. 

This is a problem that will not fix itself. It takes attention, teamwork and plain effort. SmartFusion remains committed to helping local governments maintain stable and reliable operations, especially when the challenges grow larger. 

A recent report from KnowBe4 highlights how many local government agencies are struggling to defend themselves against a steep rise in ransomware attacks. These public agencies often have limited staff, tight budgets and aging technology, which leaves them open to serious risks. 

Limited Staff, Rising Threats 

State, local, tribal and territorial (SLTT) governments were the third most common targets for ransomware attacks last year. Over 80 percent of these agencies have fewer than five full-time cybersecurity staff. Some have no dedicated staff at all. 

The Multi-State Information Sharing and Analysis Center (MS-ISAC) reported a 313 percent increase in incident reports during 2022. These numbers reflect the growing pressure public agencies are under. 

The Human Factor

Many of these attacks begin with a simple mistake. Phishing emails and social engineering tactics continue to be the most common ways attackers gain access. The report states that 70 to 90 percent of incidents are caused by human error. 

Training can make a measurable difference. According to KnowBe4, public organizations that invested in a full year of employee awareness training saw the average phishing risk drop from 33 percent to just 4 percent. 

Costs Continue to Climb 

The financial consequences are serious. Between 2018 and late 2024, the average ransom payment was $872,656. Total reported losses exceeded $1.09 billion. 

Lazaro Elias a Sales Executive with SmartFusion commented: