Over the course of the past few weeks, a seemingly stepped-up wave of malware and ransomware infections has struck a number of municipalities across the U.S.On April 10, the city of Greenville, North Carolina, had to disconnect most city-owned computers from the Internet due to what officials said was a RobinHood ransomware infection, a duplicitous piece of malware that pretends to raise awareness and funds for the people of Yemen.On April 13, Imperial County, California was hit with Ryuk ransomware, which is designed to target enterprise environments, forcing its website to go dark and causing some city systems to malfunction, including a number of departments\u2019 phone lines.On the same day Imperial County was infected, the city of Stuart, Florida, was hit by Ryuk ransomware, forcing system shut-downs affecting payroll, utilities and other vital functions, including police and fire departments.On April 18, an unspecified piece of malware, likely ransomware, crippled the city\u2019s computer network in Augusta, Maine.On April 21, the municipally owned airport in Cleveland, Ohio, Cleveland Hopkins International airport, was struck by still-unspecified malware, causing the airport\u2019s flight and baggage information boards to go dark, an outage that lasted at least five days.Despite what appears to be a recent spurt in municipal ransomware attacks, these infections are nothing new to the nation\u2019s cities. The most high-profile municipal ransomware attack took place over a year ago in March 2018 when the city of Atlanta was crippled by SamSam ransomware. According to Wired magazine, the city of Atlanta ended up spending $2.6 million to respond to that attack, roughly 52 times the amount of the $50,000 or so in ransom demanded by the attackers.Cyberattacks on municipalities harder to hideStill, the recent spate of attacks raises the question: Are municipal ransomware infections on the rise? According to some municipal cybersecurity experts, cities have long grappling with malware and ransomware attacks at the same rate as private sector organizations, but are just now becoming more public about it.\u201cMost of these cities have had issues just like businesses have for years,\u201d Gary Hayslip, former CISO for the City of San Diego, California, and now CISO for security firm Webroot, says. \u201cIt's just more of them are being public about it because governments are requiring it now more.\u201dIt\u2019s increasingly difficult to hide city ransomware infections, particularly given that responding to them often requires funds from municipal coffers. \u201cTypically, you end up having to pull out your cyber insurance and you\u2019ve got to get Mandiant or somebody that you have on call to come on over and help you clean up and then hopefully get your data back,\u201d says Hayslip. \u201cSo, you're not going to keep that kind of stuff quiet.\u201dInternet-delivered city services present more opportunities for attackersCities are getting deeper and deeper into IP-based activities to deliver services as efficiently as possible, giving attackers more opportunity to engage in malicious behavior. \u201cI would say there are a couple of big pressures that I think are relevant to most industries, but state and local governments are also exposed to it. First and foremost is the rapid expansion and availability of technology capabilities,\u201d says Chris Kennedy, former government cybersecurity veteran and currently CISO of cybersecurity firm AttackIQ.Attackers are also getting more savvy. \u201cThere's a constantly growing threat of exploitation either through investment from state-sponsored actors to the commoditization of very sophisticated attack techniques that are easy to use for inexperienced hackers. Ransomware isn't new. It's just how it's been packaged up and how it's being leveraged operationally by the hacker community.\u201dData stored in city systems an attractive targetWhether attacks on cities are increasing or merely just coming more to light now, it\u2019s clear that they\u2019re attractive targets for attackers. \u201cIf you think long-range. state and local governments offer a wealth of information about citizen activity. You can imagine how cyber criminals would want to take advantage of that collection of information for identity theft and things like that,\u201d says Kennedy.\u201cMost people don't realize cities have massive amounts of data. It's amazing the different types of data that they have. I mean it's just phenomenal. They have everything from permits to people paying their water bills to parking tickets to whatever. People are investing in bonds,\u201d says Hayslip, adding that cities also accept credit cards. \u201cU.S. cities are very, very similar to large multinational businesses.\u201dFinancial constraints put a squeeze on securityUnlike large multinational businesses, however, cities, particularly small cities or towns, face financial constraints that limit just how much they can spend on protecting themselves from breaches, malware infections and other kinds of attacks. \u201cIt can be an overwhelming problem if you're not adequately staffed,\u201d Kennedy says. \u201cWhen you're resource-constrained a lot of the operating falls to contractors\u201d and \u201chow well you manage those contractors is often difficult.\u201dOn top of that, cities struggle to keep pace with technology refresh cycles, which are growing shorter each year. \u201cToday the typical refresh cycle is about 18 months and most cities aren't ready for it. A lot of the larger cities still have mainframes.\u201d Hayslip says. \u201cIn a business you can do rip and replace. You can go ahead and say we're going to be down and we're going to stand up a parallel data center and we're going to flip over and rip out all this old stuff and then go on about our business. That's very hard to do when you have citizens that are riding on the services that you provide and don\u2019t like to have their services interrupted.\u201dState and local governments need federal cybersecurity assistanceWhile municipal governments struggle with increased attacks, constrained resources and outdated equipment, there are few easy solutions to the unique problems they face. Hayslip thinks the federal government has a role to play in helping cities with funding shortages. \u201cThese municipal governments and state governments are tied to massive amounts of federal networks. They're all interrelated and tied to each other,\u201d he says.\u201cThere should be a pool available to state and local governments\u201d to provide small governments funds to addresses at least the basics of cybersecurity, such as updated software, firewalls and other cyber hygiene-related needs. \u201cIt would reduce the risk on the supply chain side among the municipal, state and federal networks,\u201d according to Hayslip.Cities that are fortunate enough to have dedicated security staff, which Hayslip says begins when the municipality reaches 300 employees, can also benefit from participating in formal and informal information-sharing efforts. Among the formal options available to cities are the FBI, the Multi-State Information Sharing and Analysis Center (MS-ISAC), which is focused on state, local, tribal and territorial government cybersecurity, as well as resources available from the Department of Homeland Security.Local governments should share security dataWhen it comes to local governments, sharing information informally can be as helpful as the more formal efforts. When Hayslip was CISO of San Diego, he had a loose group of peers from other jurisdictions in the area and nine times out of ten when one of them was dealing with a sustained attack, the others were, too. Cybercriminals like to \u201cget the most bang for their buck so they'll attack a region\u201d where local governments are likely to be interconnected, he says.On the whole cities appear to be dealing adequately with the ransomware and other malware infections that come their way. \u201cSome of them are really taking it seriously and they're building. Not just the city of San Diego but Los Angeles is doing very well. The city of Denver is doing very well.\u201d Even the city of Atlanta is a good example of a municipality that might now be ahead of the curve. \u201cI think they they've learned their lessons and they're putting it together,\u201d Hayslip says.