Ransomware operators have developed a taste for state and local governments across the United States this year, with almost two thirds of ransomware attacks in 2019 directed at government organizations.
Local, county, and state governments, as well as schools, libraries, courts and other entities have all been under heavy fire from stealthy cybercrooks with insatiable ransom demands. The jury’s out on why ransomware operators are focusing more on government institutions. But, if the $1 million in combined ransom payments from two Florida cities is any indication, business is booming for the cybercrime sector, particularly in the ransomware department.
Researchers at Barracuda Networks have identified more than 70 ransomware attacks on state and local government in 2019, including 22 communities in the State of Texas alone. They found that almost all infections started as a malicious email attachment or link, and almost half of the municipalities hit with ransomware had fewer than 50,000 residents (except Baltimore, with about 100,000 people).
“Email is the most common threat vector for these types of ransomware attacks, but the blast radius can easily reach networks, applications and a wide variety of sensitive and critical data,” they said. “Government organizations at all levels need preventative and defensive strategies in place, along with disaster and recovery capabilities.”
Smaller cities typically have small IT budgets, leaving them open to cyber-attacks. Notably, Baltimore spent $18 million to recover from the incident after the mayor refused to cave in to the attackers’ less costly demands.
While the research covered only the United States, similar ransomware attacks have been reported globally, including in Canada, Ireland, India and South Africa.