Authored by Connor Heaton. Heaton is a Program Manager at CivAI, a nonprofit dedicated to helping the public internalize the impacts of AI on society through interactive software demonstrations of AI capabilities and dangers.
In early 2025, critical operations at Cleveland Municipal Court were disrupted by the Qilin ransomware group. The court was fully shut down for a week, and it took more than three weeks to resume normal operations. Employees had to work without internet access, background checks were halted, dozens of trials had to be rescheduled and the court’s website was down for almost a month following the attack. The cyberattack was one of many that targeted local government offices in 2025.
With the expanding capabilities and adoption of AI, cyberattacks on cities are poised to ramp up in 2026. Reports suggest that Qilin and similar groups have been aggressively incorporating AI into their operations.
Adoption May Outpace Governance
AI is empowering everyone, good and bad actors alike, and many local governments are already on the path to adoption. AI can help automate many of the tedious, repetitive tasks that bog down government employees. Several cities have launched initiatives to improve 3-1-1 services, with resident-facing chatbots or internal AI tools that efficiently process textual data. Los Angeles, Austin and Honolulu are using AI to expedite planning and permitting processes.
However, when official guidance and tooling lag, employees fill the gap themselves — Menlo Security’s 2025 Report indicates that 68 percent of employees use free-tier AI tools like ChatGPT via personal accounts, with 57 percent inputting sensitive data.
IBM’s 2025 Cost of a Data Breach Report found that incidents involving unsanctioned AI use cost organizations an average of $670,000 more than the average breach cost and resulted in higher rates of compromise of personally identifiable information. Furthermore, a staggering 97 percent of AI-related security incidents involved AI systems that lacked proper limitations on what data and systems could be accessed.
Privacy and Protection Considerations for Local Governments Adopting AI
- Personal accounts with AI tools like ChatGPT should be considered unsafe for sensitive data, due to the risks of data breaches and court-mandated data retention or disclosure. Corporate accounts with stronger and more stable privacy agreements are best practice.
- Criminal Justice Information (CJI) is subject to special data handling and security requirements. This may impact both potential usage and vendor options.
- Interactions with AI tools may be subject to public records requests. Set policies accordingly.
- Validate AI outputs before acting on them. The current generation of AI tools began as pattern-matching machines trained to produce plausible-sounding outputs, and even now can’t guarantee accuracy.
- Be careful using AI for HR tasks. AI tools are often unable to provide auditable justifications for their recommendations, which can make it difficult to rule out that discrimination has occurred. New York and California have specific rules on the use of AI in hiring.
Emerging Threats to Prepare for in 2026
Prompt Injection
Hidden instructions in emails, PDFs, images and webpages can hijack AI assistants into extracting sensitive data or taking unauthorized actions.
- Who’s at Risk: Local governments using AI tools that interact with external data (emails, documents, forms, websites), especially if those tools have the ability to take actions or modify data.
- Mitigations: Sanitize inputs by screening incoming data for malicious prompts. Limit what data AI systems can access and what actions they can take.
AI-Led Cyberattacks
AI tools are enabling criminals to conduct cyberattacks with minimal human intervention. Anthropic disrupted a campaign in which hackers used Claude for 80-90 percent of their operations.
- Who’s at Risk: Small and midsized city offices with limited IT resources. Cyberattacks are becoming cheaper, expanding the footprint of organizations that can be profitably targeted.
- Mitigations: Uplift organizational security standards, including strong passwords, MFA, phishing awareness, least privilege principles, robust backups and patch automation. Consider conducting AI-powered penetration testing regularly.
What Local Governments Can Do
Cities, states and public sector organizations can take concrete actions to improve their risk profile:
- Start with governance. Government offices should have robust AI policies that articulate how AI adoption is being managed and monitored, and address the risks described above.
- Train staff thoroughly. Employees often assume organization-approved tools are inherently safe and reliable, and may need to be educated on risks and responsibilities specific to AI tools.
- Don’t shy away from adoption. It’s difficult to cultivate a nuanced understanding of the capabilities and failure modes of AI tools without using them.
- Inventory AI applications. Generative AI is being embedded into many existing tools, and this can make the line between approved and unapproved use unclear. Know where and how AI is being used.
- Keep track. Set key performance indicators and key risk indicators; monitor AI usage closely, both to ensure compliance with policy and support employees in adopting AI more effectively.
- Reach out for help. NLC and the Public Technology Institute offer resources specifically designed for public sector entities navigating these challenges. CivAI provides free public and private demonstrations of real AI risks to help prepare society for the change AI brings.
The threat landscape is evolving faster than most governance structures can adapt. Local governments that treat AI security as a core requirement will be best protected and positioned to benefit from AI.
Visit the NLC Strategic Partnerships page to learn more about the organizations like CivAI dedicated to making NLC the premier resource for local governments.
Cybersecurity Isn’t the Problem: Cyber Risk Governance Is
- CyberAlliance
HelloNation: Bring Your City’s Story to Life
- CGI Digital
NLC and BRINC Partner to Help Cities Nationwide Deploy Drones to 911 Calls
CitiesSpeak Podcast: Clarence Anthony Live in Boston
Sally AI Masterclass: Fixing Cybersecurity Problems End-to-End in Government & Critical Infrastructure
Infrastructure Funding: Smart Strategies for Forging Resilience
- NLC Partnerships