Columbus Allocates $23M for Cybersecurity Upgrades After Attacks

Edward Zhou

CEO & Founder

 
July 16, 2025

Columbus Invests in Cybersecurity Upgrades

COLUMBUS, Ohio — The City of Columbus is set to enhance its digital defenses with a $23 million investment following a significant ransomware attack. This decision was made during a city council meeting on July 14, where officials approved funding for a modern cybersecurity initiative aimed at fortifying defenses against both internal and external threats.

The proposed overhaul will implement a "zero-trust network" framework. This approach necessitates strict identity verification for all users accessing city systems, including city employees. Jennifer Fening, Deputy Chief of Staff for Mayor Andrew Ginther's office, emphasized that "Columbus is facing persistent and sophisticated cybersecurity threats," indicating the urgency of this initiative.

The zero-trust model operates under the premise that no user or device can automatically be trusted. Each access request must undergo multiple layers of authentication. Fening explained that this framework also involves segmenting the network into smaller, isolated zones or microsegments to minimize unnecessary traffic and prevent unauthorized movement across segments.

Carter Yagemann, an Assistant Professor of Computer Science and Engineering at The Ohio State University, noted the growing popularity of zero-trust networks in recent years, stating, “Switching to zero trust is a much more proactive step toward best practices.” He commended Columbus for adopting this forward-thinking strategy.

The city's ransomware investigation report, which has yet to be released, may provide further details about the attack and the measures taken post-incident. Anticipated to be published by mid-2025, this report will shed light on the extent of the breach and the city's response.

The initiative is expected to launch later this year, with a full operational rollout projected by 2027.

Background on the Cyber Attack

The investment comes nearly a year after the city experienced a devastating cyberattack attributed to the cybercriminal group Rhysida. This attack compromised sensitive data, including personal information of city employees and residents.

Councilmember Nick Bankston remarked that the investment in a zero-trust network will be "transformational" for the city. The unanimous decision by the council reflects a commitment to enhancing cybersecurity measures, especially in light of the legal challenges faced by the city following the breach, including lawsuits from city employees.

Fening reiterated that the zero-trust framework requires strict verification for every user and device, which is a significant departure from traditional security measures that may rely on perimeter defenses. The new system aims to contain any potential threats within isolated network zones, enhancing overall security.


Legal and Financial Implications

In response to the attack, Columbus previously allocated funding for legal and incident response services, including a $7 million contract with Dinsmore & Shohl. This funding was intended to aid in the development of a comprehensive report regarding the hack and its ramifications.

Despite repeated inquiries, city officials have delayed the release of the report, which is expected to detail how the attack was executed and the city’s subsequent actions. The lack of transparency has led to public concern regarding the security of city systems.

The ongoing commitment to cybersecurity not only addresses immediate concerns but also aims to build trust with residents, ensuring that city services remain secure and reliable. Bankston stated, “In today’s world, cybersecurity is public safety,” highlighting the critical nature of these advancements.


Implementation Timeline

The City of Columbus aims to commence the zero-trust network project later this year, with a completion target of 2027. This timeline reflects the complexity of modernizing a large-scale network infrastructure while ensuring robust security protocols are in place.

Fening noted that the initiative is part of a broader strategy to modernize the city's IT framework and align with industry best practices. This proactive approach is seen as essential in addressing the evolving landscape of cybersecurity threats.


Edward Zhou

CEO & Founder of Gopher Security, leading the development of post-quantum cybersecurity technologies and solutions.
