By Chad Engle, Loss Prevention and Safety Specialist

Cybersecurity is the state of being protected against the criminal or unauthorized use of electronic data, or the measures taken to achieve this. What is your county or agency doing to protect your electronic data? I am not an information technology specialist, so I will leave the firewall, antivirus and malware detection  recommendations to them. I want to discuss the common cybersecurity threats that our members face and what each employee can do to avoid falling prey to those folks that are trying to gain access to your protected electronic data.

Ransomware is a form of malware that encrypts a victim’s files, rendering them unusable. The attacker then demands a ransom from the victim to restore the data upon payment. Ransomware is commonly delivered via an attachment in an email that appears to be from a person, organization or business you would trust. This is known as phishing. Ransomware is becoming very lucrative for hackers.

An article published online by Infosecurity Magazine states that local government organizations are most frequently targeted by ransomware. They referenced a study by Barracuda Networks that found that 44% of the global ransomware attacks that had taken place in 2020 were aimed at municipalities and that 15% of those municipalities had confirmed they have made ransom payments.

Cybercriminals also target the payroll accounts of local government and municipalities. Cybercriminals use the same phishing techniques or attempt to break passwords to gain employee’s credentials that are then used to access payroll accounts. Our own NIRMA claims staff is currently working with a member that suffered a loss of approximately $1.6 million due to a hacker using a payroll diversion scheme. It is believed that access was gained via a hacked password.

To mitigate the threat of ransomware, payroll diversion schemes and to protect important data:

Password Best Practices

  • Never reveal passwords to anyone
  • Use different passwords for different accounts
  • Length trumps complexity
  • Complexity still counts
  • Make passwords that are hard to guess but easy to remember
  • Use misspelled words with characters and symbols

Phishing – Be Wary of These Red Flags – KnowBe4

  • Email is from an unknown address/sender
  • You know the sender (or organization), but the email is unexpected or out of character
  • You were copied on an email and you do not know the other people it was sent to
  • You receive an email that would normally be sent during business hours but was sent at 3:00 am.
  • Email is pressuring you to take some action using guilt or fear
  • Misspellings in hyperlinks
  • Email contains hyperlinks asking you to take an action
  • When you hover your cursor over a link, the link address is for a different website
  • The subject line of the email is irrelevant or does not match the message content
  • Email is about something you never requested or a receipt for something you never purchased
  • The sender is asking you to click on a link or open an attachment
  • The email is asking you to look at a compromising or embarrassing picture of yourself or someone you know.
  • You have an uncomfortable feeling, or it just seems odd or illogical
  • Any attachment you receive that you are not expecting

Educating employees is the first line of defense against hackers and the best way to protect important data. NIRMA provides multiple resources to assist our members in keeping this topic front-of-mind:

  • Streaming Videos on demand
“Don’t click that link”
  • NIRMA Online University
“Cybersecurity Threats to Public Entities”
“Computer Security Basics”
“Risks of Social Media in the Workplace”
  • Loss Prevention Training
“Cybersecurity Best Practices”
  • NIRMA eRisk Hub
Three recorded NIRMA-hosted webinars;
eRisk Hub provides numerous training resources, games, videos, phishing examples, self-assessments, news, breach response.

Hackers are targeting local government and municipalities. They see us as a soft target due to smaller budgets and less technology. We have a duty to protect taxpayer funds and personally identifiable information (PII). Keep in mind that the PII we need to protect includes that of our employees, so it behooves everyone to do their part.

As always, I can be reached at or 1.800.642.6671.