SEC probe relating to a cyberattack on a Michigan township's bond sale could involve looking into whether investors are getting an accurate picture of the issuer's credit risk, a former SEC enforcement attorney said.

Belvia Gray, Public Finance Leader at Baker Tilly, talks about the firm's efforts and focus on bringing the industry together on cyber security threats, succession planning and more.

The public finance industry is addressing cyber threats, which became clearer with last year's hack of White Lake Township's bond closing.

White Lake Township, Michigan, is facing legal action on two fronts: one of them related to the hack of its bond deal closing last year, the other a civil suit. 

The offering document for a White Lake Township bond sale sheds more light on the hack criminals used to intercept funds between the underwriter and borrower.

It's hard enough convincing local governments to spend money on cyber insurance that covers ransomware attacks, said Omid Rahmani, public finance cybersecurity lead at Fitch Ratings. The new and very specific threat of a hacked financing process, is "absolutely" underappreciated by the public finance industry.

"This matter is now under active investigation by federal authorities and impacted financial institutions, who are coordinating with the White Lake Township Police Department," said Daniel Keller, chief of police, in a statement.

The threat of cybercrime against municipalities continues to mutate into more sophisticated and life-threatening schemes, say economists and rating agencies.

Ransomware group LockBit threatened on Sunday to publish the stolen data Tuesday evening. Ransomware experts said it was likely that the group was bluffing.

With cyberattacks on the rise, issuers have had to keep fortifying their defenses against criminals targeting the public sector. 

While the SEC's cybersecurity rule does not apply to municipal issuers, there are a few points discussed in the Adopting Release that may be useful for municipal market participants. 

New York State Comptroller Thomas DiNapoli urged state agencies to do more to protect water systems from cyberattacks as Moody's Investors Service said cyber risks pose challenges to municipalities across the United States.

Through proposed SEC regulations, federal grants and cybersecurity insurance, areas of the public finance industry are adjusting to costly and omnipresent cyber threats. 

The increasing number and frequency of cyber attacks against municipalities is a cause for credit concern, S&P Global Ratings says.

The California Department of Finance aids the governor in drafting the preliminary budget that is released in January.

Increased use of third-party vendors by transportation issuers may be putting those entities at increased risk.

Upgrading the agency's technology could make information exchange more secure.

Scammers are masquerading as the IRS’ Tax Exempt and Government Entities Division to try and get issuers and borrowers to disclose confidential information.

Municipal governments have become a target for online criminals. Experts warn their neglect of cybersecurity puts finances, services and vital records at risk.

Shortly after New Jersey state lawmaker Shama Haider introduced a bill to strengthen cybersecurity defenses, her own town of Tenafly faced a ransomware attack.