Cybersecurity experts say hackers target local governments daily — even hourly — which leaves many scrambling to respond and protect sensitive information.
"Every system out there is vulnerable," said Tim Lorello, CEO of SecuLore Solutions, a Maryland-based company that helps local governments combat cyberattacks.
The startup has clients in eight states but tracks cyber incidents around the country.
"We're up to 204 incidents that we've tracked across 46 states," Lorello said.
Hackers hijacked 123 of Washington, D.C.'s police surveillance cameras just days before the 2017 inauguration. Authorities are trying to extradite two Romanians accused in that attack.
In April 2017, Dallas residents lost sleep over a hack that made 156 emergency sirens repeatedly wail in the middle of the night.
And just last month, hackers hit Baltimore's automated 911 system knocking it offline for 17 hours.
"I think most of the attacks we see are random. Most of them are just blanket trying to see who's vulnerable," said Lorello.
And those attempts are constant. A 2016 survey by the University of Maryland Baltimore County found more than 25 percent of local governments across the U.S. faced attempted cyberattacks as often as once or more per hour.
"Most of the cybercrimes go unreported because of the embarrassment," said Lorello. "The impact will erode trust."
SecuLore Solutions’ Chief Technology Officer Sean Scott showed the News4 I-Team a small black box they created to plug into any network and instantly see all of the countries and computers trying to access files.
During his interview, one local Maryland government had IP addresses from 40 countries interacting with it and downloading data.
"We found a hidden IP doing things it shouldn't do," Scott said. "And we can show you the exact amount of data that they're stealing."
Sometimes it isn't data the hackers want, it's dollars — or bitcoin, in the case of an Atlanta ransom attack last month.
If governments haven't backed up their files and need access to the records being held hostage, it can cost them.
The I-Team asked Lorello if some local governments just pay the ransom and don't ever publicize that.
"Oh yeah, sure. Yes, absolutely," he replied. "In fact, we know there are some scenarios where people work with their insurance companies."
In December 2016, a small police department outside Dallas lost several years of video evidence and digital documents after refusing to pay a ransom. Malware infected the computer system when an employee clicked on an email disguised to look legitimate.
That's the same type of attack that brought down the Virginia State Police email network for a week in April 2017.
It's why D.C. government is constantly alerting its employees. The I-Team obtained an internal email warning employees to remain vigilant.
"The weakest link in the cyber chain is not technology, it's people," D.C. Homeland Security and Emergency Management Agency Director Chris Rodriguez said. "It's like putting the alarm system in your house and not locking the front door."
The goal is to make the District's network so secure that hackers just move on to another target, he said. Especially since they don't even have to be at a computer to run a hacking program.
"There are now automated tools on the internet that can that can allow a person to comb through billions of IP addresses to try to get into systems on an automatic basis," said Rodriguez. "They're happening on a daily basis billions of times per day, and we need to make sure that we're prepared for that."
Cyberattacks can also have cascading impacts on other areas of the city's infrastructure like roads, power and water.
"It is serious stuff," said Lorello. "So I would say that this is, if it's not number one, it should be pretty darn close to the top."