skip to main content
Travelers Logo
  • About
  • Careers
  • Agents
  • Investors
  • Sustainability
  • Contact Us
  • For Individuals
    • Overview
    • Products
      • Car
      • Home
      • Renters
      • Condo
      • Landlord
      • Boat & Yacht
      • Flood
      • Motorcycle
      • Travel
      • Pet
      • Weddings
      • Umbrella
      • All Products
    • Prepare & Prevent
      • Insurance 101
      • Home Central
      • Travelers Garage
      • Managing Through COVID-19
    • Affinity Group Discount
    • Online Service
    • Pay Your Bill
      • Get a Quote
      • Find an Agent
      • File a Claim
      • Pay Your Bill
  • For Business
    • Overview
    • Products & Solutions
      • Overview
      • Boiler & Machinery
      • Commercial Auto & Trucking
      • Cyber
      • Environmental Liability
      • Excess Casualty & Umbrella
      • General Liability
      • Global Insurance
      • Inland Marine
      • Management & Professional Liability
      • Ocean Marine
      • Property
      • Business Owner's Policy
      • Surety Bonds
      • Workers Compensation
        • Find an Agent
        • File a Claim
        • Pay Your Bill
    • Industries
      • Overview
      • Agribusiness
      • Architects, Engineers & Surveyors
      • Auto & Truck Dealers
      • Business & Professional Services
      • Construction
      • Education
      • Energy & Renewable
      • Equipment Dealers
      • Financial Institutions
      • Food Services
      • Health & Related Services
      • Hospitality & Recreation
      • Manufacturing
      • Marine Industries
      • Museums & Fine Art
      • Non-Profit
      • Oil & Gas
      • Public Entities
      • Real Estate
      • Retail
      • Technology
      • Transportation
      • Wholesale & Distribution
        • Find an Agent
        • File a Claim
        • Pay Your Bill
    • Services
      • Overview
      • Risk Control
      • Claim
      • Premium Audit
      • Online Customer Tools
      • Risk Management Information Services
      • Travelers Client Advantage
        • Find an Agent
        • File a Claim
        • Pay Your Bill
    • Small Business
      • Overview
      • Automobile Insurance
      • Business Owner's Policy
      • Data Breach
      • Employment Practices Liability
      • Professional Insurance
      • Umbrella Insurance
      • Workers Compensation Inurance
        • Find an Agent
        • File a Claim
        • Pay Your Bill
    • Large Business
      • Overview
      • Casualty
      • Cyber
      • Management & Professional Liability
      • Property
        • Find an Agent
        • File a Claim
        • Pay Your Bill
    • Multinational Business
    • Prepare & Prevent
      • By Topic
      • By Industry
      • Navigating Your Business Through COVID-19
        • Find an Agent
        • File a Claim
        • Pay Your Bill
      • Find an Agent
      • File a Claim
      • Pay Your Bill
  • Claim Center
    • Claim Center
    • Should I File a Claim?
    • File a Claim
    • Roadside Assistance
    • Find a Service Provider
    • Check Your Claim Status
    • Manage Your Claim Experience
      • Understanding the Claim Process
      • Claim Guide Library
      • Workers Compensation Resources
    • Claim Capabilities
      • Get a Quote
      • Find an Agent
      • File a Claim
      • Pay Your Bill
  • Prepare & Prevent
    • For Individuals
    • Home Central
      • Buying & Selling
      • Home Maintenance
      • Home Renovation
      • Home Safety
      • Moving
      • Smart Home
    • Travelers Garage
      • Buying & Selling
      • Car Maintenance
      • Distracted Driving
      • Safe Driving
      • Teen Driving
      • Boating
    • Insurance 101
    • Weather
    • For Business
    • Industries
      • Construction
      • Manufacturing
      • Nonprofit
      • Small Business
      • Technology
    • Topics
      • Business Continuity
      • Cyber
      • Driver and Fleet Safety
      • Facilities Management
      • Internet of Things
      • Product and Services Liability
      • Supply Chain Management
      • Workplace Safety
    • Travelers Risk Index
      • Get a Quote
      • Find an Agent
      • File a Claim
      • Pay Your Bill
  • About Travelers
    • Overview
      • Awards & Recognition
      • Careers
      • Community
      • Diversity & Inclusion
      • Sustainability
      • History
      • Investors
      • Media Resources
      • News
      • Travelers Championship
      • Travelers Institute
      • Get a Quote
      • Find an Agent
      • File a Claim
      • Pay Your Bill
    • Get a Quote
    • Find an Agent
    • File a Claim
    • Pay Your Bill
Main Navigation
  • For Individuals
      • Insurance for Individuals
      • Products
        • Car
        • Home
        • Renters
        • Condo
        • Landlord
        • Boat & Yacht
        • Flood
        • Motorcycle
        • Travel
        • Pet
        • Weddings & Events
        • Umbrella
        • More
      • Prepare & Prevent
        • Insurance 101
        • Home Central
        • Travelers Garage
      • Affinity Group Discount
      • Online Service
      • Pay Your Bill
    • Get a home quote now

      It's easy to get a free quote for home insurance from Travelers in just a few minutes.

       

      Get a home quote now
  • For Business
      • Products & Solutions
        • Commercial Auto & Trucking
        • Cyber
        • General Liability
        • Management & Professional Liability
        • Property
        • Business Owner's Policy
        • Surety Bonds
        • Workers Compensation
        • More
      • Industries
        • Construction
        • Energy & Renewable
        • Financial Institutions
        • Healthcare
        • Manufacturing
        • Real Estate
        • Technology
        • Transportation
        • More
      • Prepare & Prevent
      • Services
        • Risk Control
        • Claim
        • Premium Audit
        • More
      • Pay Your Bill
      • Small Business
      • Large Business
      • Multinational Business
      • For Business Overview
    • Tips for Managing Risks Related to a Remote Workforce

      Tips for Managing Risks Related to a Remote Workforce

      With the current reality of more employees working from home through the pandemic, is your business ready for all the implications?

      Learn more
  • Claim Center
      • Claim Center
      • Should I File a Claim?
      • File a Claim
      • Roadside Assistance
      • Find a Service Provider
      • Check Your Claim Status
      • Manage Your Claim Experience
        • Understanding the Claim Process
        • Claim Guide Library
        • Workers Compensation Resources
      • Claim Capabilities
    • Send us your receipts, photos, invoices and more with just a push of a button.

      Securely share information with your Claim team.

      Send us your receipts, photos, invoices and more with just a push of a button.

      Upload a File
  • Prepare & Prevent
      • For Individuals
      • Home Central
        • Buying & Selling
        • Home Maintenance
        • Home Renovation
        • Home Safety
        • Moving
        • Smart Home
      • Travelers Garage
        • Buying & Selling
        • Car Maintenance
        • Distracted Driving
        • Safe Driving
        • Teen Driving
        • Boating
      • Insurance 101
      • Weather
      • For Business
      • Industries
        • Construction
        • Energy
        • Manufacturing
        • Nonprofit
        • Small Business
        • Technology
      • Topics
        • Business Continuity
        • Cyber
        • Driver and Fleet Safety
        • Facilities Management
        • Internet of Things
        • Product and Services Liability
        • Supply Chain Management
        • Workplace Safety
      • Travelers Risk Index
    • Managing Through COVID-19

      Managing Through COVID-19

      Resources to help you adapt to the realities of COVID-19.

      Learn more
  • Home
  • Prepare & Prevent
  • Business
  • Industries
  • Public Sector
  • The Growing Threat of Ransomware Attacks on the Public Sector

The Growing Threat of Ransomware Attacks on the Public Sector

A sharp rise in public sector ransomware attacks across the U.S. has drawn considerable attention in recent years – and for good reason. Such attacks can cripple a public entity’s ability to conduct important operations or provide needed services to the community. They can also have a huge financial toll.

“Ransomware is not a new problem, but it’s presenting a bigger challenge for public entities,” said Kirstin Simonson, Cyber Lead for Technology and Public Sector at Travelers. “Ransoms are trending significantly higher, often in the six-to-eight-figure range, and the costs to remediate the issue can be substantial.”

While ransomware, a malicious software that locks up computer data until a ransom is paid, has been a threat for years, newer variants are able to infect entire networks and cause considerable damage. They often command exponentially higher ransoms as a result. No public entity, no matter how large, small or remote, is immune.

Here are some measures you can take to help protect your data and ensure an effective response in the event of a ransomware attack at your public entity:

Back Up Data

A primary step is to back up critical data on a regular basis. Backed-up files can be quickly recovered, which can help to restore operations in the event of an attack. Be sure the backed-up data is stored on a separate offline device that is completely severed from the working network. Otherwise, it’s likely to be ransomed along with your primary data.

“If the backups are also unavailable due to the attack, recovering quickly will be more complicated,” Simonson said. “You may need to rebuild using older data or other sources to recover.”

Segment Network Access

Splitting your network into smaller segments is another way to protect critical data. This is typically done by business function or data type, so you can grant employees access to just the data they need to do their jobs. If an employee should fall for a ransomware attack, segmentation can help to prevent the virus from spreading throughout your network and operations. Access to the most critical data should be limited to a small number of employees.

Use Multifactor Authentication

Multifactor authentication (MFA) adds another level of protection to your network data. This is a method of verifying an employee’s identity with two or more pieces of proof. The authentication factors typically correlate to a device (e.g., an authenticator app on a smartphone), biometrics (e.g., a fingerprint) or information (e.g., a PIN).

Even if a cyber attacker has obtained a user ID and password, MFA decreases the risk that an attacker can gain access by requiring an additional means of validation. For example, they would need to steal both an employee’s password, as well as their phone, to be able to log in to your systems.

Monitor Network Vulnerability

It’s important to continuously monitor your network to identify and mitigate security vulnerabilities. Begin with a complete assessment of the network; identify all systems that aren’t fully patched and take corrective action. This includes operating systems and software, as well as older legacy systems that your municipality may depend upon.

“Not managing legacy systems could open the door wider for cyber crime,” Simonson said. “Municipalities may not be aware of the patches they might need to make.”

If security updates are no longer feasible, you can reduce the legacy system’s exposure by placing it within its own network segment, making it inaccessible from the internet and restricting employee access.

Your monitoring should also include the systems that remote employees use to gain access to the network. Microsoft’s Remote Desktop Protocol (RDP), for example, can act as an open door for cyber criminals if not properly configured and secured.

Train Employees

Ransomware attacks can often be traced back to an employee who unknowingly clicks on a phishing email or malicious link. To minimize the risk of human error, offer continuous, ongoing training on how to recognize cyber threats. Stress to your employees the importance of examining links and attachments to make sure they are from a reliable source. Also, warn them of the dangers of sharing company or personal information in response to an email, letter or phone call, and set up protocols for reporting suspicious activity to a designated manager.

Develop an Incident Response Plan

Avoid scrambling to figure out a plan after a ransomware attack occurs. Having an incident response plan (IRP) in place in advance is key to a swift, systematic response to help contain the damage and minimize costs. To ensure that your plan will fulfill its intended purpose, test your IRP and put it into practice before an incident occurs. You should also continuously update it as you become aware of new risks and vulnerabilities.

Engage the Pros

If an incident occurs, the first step a public entity should take is to engage legal and computer forensics experts, ideally those identified in your IRP or recommended by your insurance carrier. These professionals can assist with investigating the extent of the infiltration, removing the cause, restoring your network and determining whether or not to pay the ransom. You may also have an obligation to notify others of the incident if their information was potentially compromised as a result of the breach.

Purchase Cyber Insurance

Cyber insurance can be essential in helping cities and counties recover after a ransomware attack. Travelers can help provide resources to manage your exposure, pre-breach, during the breach and after the breach.

Learn more about how Travelers helps to protect cities and counties from ransomware attacks, and contact your independent agent to discuss your specific needs

Learn More About Public Entity Insurance

More Prepare & Prevent

camera on dashboard

Managing the Risks to Law Enforcement, Security Personnel and Other Employees

Videos and social media presents law enforcement with new risks. Here are five tips to help manage those risks.

person from tech company considering errors & omissions insurance

4 Technology E&O Insurance Risks

Considering implementing smart city technology? Know the risks and how to help protect your public entity.

person using smart technology to lock bike on street

5 Ways Public Entities Apply Smart Tech to Enhance Transportation

The technologies being deployed to improve transportation systems present public entities with new risks.

Top Stories
person using smart tech for public safety

6 Ways Public Entities Use Smart Tech for Public Safety

Smart street lights & predictive policing are two ways smart technology is used for public safety. Explore smart tech for public safety.

  • Learn more

Related Content

  • How to Help Municipalities Prepare for E-Vehicles
  • Opioid Crisis Puts Cities and Towns at Risk of Litigation
  • Vendor Risk Management Guidelines

Find an Agent

Need an Agent?

Get the personal service and attention that an agent provides.

Find a local agent in your area:


Related Products & Services

CyberFirst® for Public Entities

CyberFirst is a powerful, modular approach to offering cyber insurance solutions for public entities.


General Liability

Travelers general liability insurance for businesses provides protection from a variety of claims.


See All Public Sector Content


Travelers logo

Travelers and The Travelers Umbrella are registered trademarks of The Travelers Indemnity Company in the U.S. and other countries.
© 2023 The Travelers Indemnity Company. All rights reserved.

  • Travelers on Facebook
  • Travelers on YouTube
  • Travelers on Twitter
  • Travelers on LinkedIn
  • Travelers on Instagram

Products & Services

  • For Individuals
  • For Businesses
  • Claim Services
  • Prepare & Prevent

Our Company

  • About Travelers
  • Careers
  • Investors
  • Sustainability
  • Travelers Institute

Connect

  • Customer Support
  • MyTravelers®
  • For Agents
  • Find an Agent

Legal & Compliance

  • Terms of Service
  • Privacy & Security
  • Cookie Settings
  • Accessibility
  • Producer Compensation Disclosure