Privacy issues and the cyberattacks are two typical threats in network operation, but the problem considering both of them has not been properly addressed. To fill this gap, this article investigates the privacy-preserving consensus strategy against the false data injection attacks (FDIAs) for secondary control of microgrids. An integral sliding mode observer and its supporting controller are developed to against the FDIAs on local units. Since the sliding motion is independent of the controller signal, the proposed strategy has a natural advantage for the FDIAs on the controller command. Furthermore, an observer-based resilient control strategy is proposed to against the FDIAs on the communication lines. It is worth mentioning that the $H_\infty$ performance can be obtained by regarding the consensus errors as disturbance. Moreover, the edge-based privacy-preserving algorithm along with the observed-based resilient strategy is proposed. Finally, some simulation examples are used to verify the theoretical results.