- The City of Naples, FL was the victim of a cyberattack that resulted in the loss of $700,000, the city manager has confirmed, becoming the latest city in Florida to fall victim to a cyber crime.
- The Naples attack was a "spear-phishing" operation, which uses an email that appears to be from a legitimate source to target an individual or department. In this case, an email was sent that appeared to be from a construction company working with the city on an ongoing project, resulting in funds being paid to a fake bank account the attacker provided.
- In an emailed statement to Smart Cities Dive, City Manager Charles T. Chapman IV said all data systems are "safe and secure" and that no data breach occurred. "Internal personnel policies have also been strengthened with remedial training being developed in addition to our existing annual cyber security training programs," Chapman said.
Already this summer, two other Florida cities — Lake City and Riviera Beach — agreed to pay ransom to hackers after cyber attacks, and a third, Key Biscayne, said it had been attacked. The Naples incident was different, since it did not involve an intrusion into city systems. Instead, the phishing operation targeted just one department for the scam. Still, it served as a reminder of just how vulnerable cities remain.
"In today's business environment, it is not a matter of if you are going to be attacked, it’s a matter of when are you going to be attacked," Chapman said. "Despite our best preventative measures, the City of Naples is now a victim of a cyber-crime."
Resource constraints mean that most local governments do not have dedicated cybersecurity staff and budgets. There have been several proposals to offer more federal funding and assistance, including a bipartisan bill in Congress that would create a grant program in the Department of Homeland Security to help states develop cyber resilience measures.
The Florida League of Cities, which has insured several of the victimized cities, has provided trainings and assistance to local government IT staff to shore up their security procedures along with organizations like the Florida Local Government Information Systems Association. "We are constantly learning and developing counter measures to address these threats," Jenna Tala, director of communication and education for the Florida League of Cities, told Smart Cities Dive.