Cyberattacks are among the fastest-growing threats to public safety in the modern world. From ransomware targeting hospitals to phishing emails stealing financial data from individuals, cybercrime costs the global economy trillions of dollars each year. Ready.gov now includes cyberattacks in its national hazard preparedness framework, recognizing that digital threats have real-world consequences for physical safety and infrastructure.
Thank you for reading this post, don't forget to install the free PubSafe mobile app and subscribe!
What Is a Cyberattack?
A cyberattack is any malicious attempt to access, damage, or disrupt a computer system, network, or data. According to Ready.gov’s Cyberattack Hazard Information Sheet, cyberattacks can compromise personal financial and health information, disrupt critical infrastructure including hospitals and utilities, spread malware and ransomware across networks, and cause widespread economic damage and service disruption. Nation-states, criminal organizations, hacktivists, and individuals with malicious intent can all launch cyberattacks.
The Biggest Cyber Threats to Individuals and Families
Phishing
Phishing attacks use deceptive emails, texts, or websites to trick users into providing sensitive information. Ready.gov recommends verifying the sender’s identity before clicking any link and using multi-factor authentication on all important accounts.
Ransomware
Ransomware encrypts your files and demands payment to restore access. This type of attack has paralyzed hospitals, school districts, and municipal governments. Regular offline backups are the most effective defense.
Data Breaches
Large organizations that store your personal data can be breached, exposing your information. Monitor your accounts and consider identity theft protection services.
Social Engineering
Attackers may call, email, or approach you in person while pretending to be a trusted entity. Never provide sensitive information in response to unsolicited contact.
Before a Cyberattack: Preparedness Actions
- Keep all software updated. Software updates frequently patch security vulnerabilities. Enable automatic updates for your operating system, browser, and antivirus software.
- Use strong, unique passwords. Use a password manager to generate and store complex passwords. Never reuse passwords across sites.
- Enable multi-factor authentication (MFA). MFA requires a second form of verification beyond a password, significantly reducing unauthorized access risk.
- Back up your data. Follow the 3-2-1 rule: 3 copies of data, on 2 different media types, with 1 copy stored offsite or offline.
- Be skeptical of links and attachments. Verify through another channel before clicking suspicious emails — even if they appear to come from someone you know.
- Secure your home network. Change default router passwords, use WPA3 encryption, and set up a guest network for visitors and smart devices.
During a Cyberattack
- Disconnect affected devices from the internet and home network immediately
- Do not pay ransom — there is no guarantee attackers will restore your data
- Report the incident to the FBI’s Internet Crime Complaint Center (IC3.gov)
- Contact your bank, credit card companies, and credit bureaus if financial data may have been compromised
- Work with a qualified cybersecurity professional to assess and remediate the damage
Cyberattacks on Critical Infrastructure
Critical infrastructure cyberattacks are particularly dangerous because they can disable water, power, healthcare, transportation, and communications. The 2021 Colonial Pipeline ransomware attack disrupted fuel supplies across the Eastern U.S. Communities can prepare by maintaining emergency supplies in case utility services are disrupted, signing up for emergency alerts not dependent on internet connectivity, and supporting local government investment in cybersecurity for public utilities.
How PubSafe Provides Resilience During Cyber Events
One of the most dangerous aspects of a cyberattack on critical infrastructure is that it can disable the communication systems communities use to coordinate emergency response. PubSafe provides an independent, resilient public safety communication layer that functions even when traditional infrastructure is degraded. Users can share status, location, and safety information peer-to-peer, enabling communities to maintain situational awareness even when centralized systems are down. In a world where cyberattacks on infrastructure are increasingly likely, building communication redundancy is prudent emergency preparedness.
Resources
- Ready.gov Cybersecurity page
- Cybersecurity and Infrastructure Security Agency: cisa.gov
- FBI Internet Crime Complaint Center: ic3.gov
Download the Ready.gov Cyberattack Hazard Information Sheet and take the first steps today to protect your home, family, and organization from digital threats. Connect your community on PubSafe.
Protecting Your Smart Home and Connected Devices
The explosion of Internet of Things (IoT) devices in American homes — including smart TVs, smart speakers, security cameras, thermostats, doorbells, baby monitors, and connected appliances — has dramatically expanded the attack surface that hackers can target. Many IoT devices ship with weak default passwords, infrequent software updates, and limited security features. They can serve as entry points into your home network, allowing attackers to access other devices, monitor your activities, or launch attacks on third parties.
Ready.gov and CISA recommend these IoT security best practices: Change default passwords on every connected device immediately after purchase. Check for firmware updates regularly and enable automatic updates if available. Segment your network by creating a separate Wi-Fi network (guest network) for IoT devices — this prevents a compromised smart appliance from accessing your computers and smartphones. Research devices before buying — choose manufacturers who provide regular security updates and have a strong security track record. Disable features you do not use, such as remote access if you only use the device at home.
Business Cyber Resilience Planning
For small and medium-sized businesses, cyberattacks pose an existential threat. According to the National Cybersecurity Alliance, 60% of small companies that suffer a cyberattack go out of business within six months. CISA’s Cybersecurity Performance Goals and NIST’s Cybersecurity Framework provide accessible, prioritized guidance specifically for small businesses that may not have dedicated IT security staff.
Key elements of a small business cyber resilience plan include: employee security awareness training (the most cost-effective security investment); multi-factor authentication on all business accounts; a data backup and recovery plan that is tested regularly; an incident response plan that specifies who to call, what to do, and how to communicate if a breach occurs; cyber liability insurance to cover the costs of breach notification, legal liability, and recovery; and a vendor risk management process that ensures third parties with access to your systems meet basic security standards.
The SBA and SCORE both provide free resources and mentorship for small businesses building cyber resilience programs. CISA’s free Cyber Hygiene Services include vulnerability scanning for small businesses and critical infrastructure operators.
National Cybersecurity Awareness and Policy
Ready.gov’s inclusion of cyberattacks in its national hazard preparedness framework reflects a broader recognition in the federal government that cybersecurity is a national security issue with direct public safety implications. CISA’s role as the nation’s cyber defense agency has expanded significantly, with new authorities to coordinate vulnerability disclosure, share threat intelligence with the private sector, and respond to major incidents. The Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) now requires operators of critical infrastructure to report significant cyber incidents to CISA within specified timeframes, improving the federal government’s situational awareness and response capabilities.
At the individual and community level, building a culture of cybersecurity awareness is as important as any technical measure. Connect your community on PubSafe and use it as a trusted channel for sharing verified information about local cyber incidents that may affect community safety — such as a cyberattack on a local utility, hospital, or government system.
Taking the Next Step in Your Preparedness Journey
Preparedness is not a single action — it is an ongoing practice. Every time you review your emergency plan, check your supply kit, or connect a neighbor to a preparedness resource, you are building community resilience. The cumulative effect of thousands of individuals and families taking preparedness seriously is a community that absorbs shocks, recovers faster, and takes care of its most vulnerable members during the worst days.
Bookmark the relevant Ready.gov hazard page, download the Hazard Information Sheet, and share this article with your family, coworkers, and neighbors. Join the PubSafe network to stay connected with your community before, during, and after any emergency. Check your local emergency management agency’s website for preparedness resources specific to your region. And consider volunteering with local emergency response teams — CERT (Community Emergency Response Team), volunteer fire departments, and local emergency management councils all welcome community members who want to contribute to a more resilient community.
Emergency preparedness does not require perfection. Start where you are, with what you have. Each small step builds on the last, and the journey from being unprepared to being genuinely ready is shorter than most people think. Take one step today — for yourself, for your family, and for your community.
