Cyber-attackers know that city and town officials have been gearing up for the start of school and the potential for remote learning, in school or a hybrid model all summer. The daily monitoring of the coronavirus has kept officials alert and flexible as they focus on the start of school.

Cyber-attackers also know that cities and towns often have not devoted as much time and resources into cybersecurity as private companies. So it was a perfect time—over the Labor Day weekend–for cyber criminals to hit the City of Hartford, Connecticut with a ransomware attack right before the start of school, which was scheduled for  Tuesday, September 8.

As a result of the ransomware attack, city officials had to delay the start of school, which was a major disruption to the schools, teachers, administrators, parents and students. The attack affected a majority of the city’s servers, and was certainly a distraction from other priorities.

I often hear from information technology professionals in cities and towns that they have other priorities that are perceived as more important than incident response planning, and that they are challenged by the lack of funding prioritized for cybersecurity by city officials.

The planning for the start of school was certainly a priority over the summer, but if an incident response plan is not in place, the timing of a cyber attack can throw all that careful planning right out the window.

What happened to Hartford is happening repeatedly across the country and the attacks are coming faster and with more teeth. City officials may wish to consider making cybersecurity, including appropriate budgeting and implementing an incident response plan, a priority, because it is not a matter of if, but when that ransomware attack will occur.