There have been a number of well-publicized ransomware attacks on various public administrations this year. In May, for example, the city of Baltimore discovered a ransomware attack in which a variety of information and services such as voice mail, email, and a system used to pay water bills, property taxes and vehicle citations were stolen. The attack also put a halt to at least 1,500 pending home sales.
In essence, ransomware is a form of malware where access to databases or computer systems is blocked until the affected entity pays a sum of money. Often, the attackers will threaten to permanently erase the information if the ransom isn’t paid quickly.
A New Trend
Ransomware attacks on local governments are becoming a real trend. A report published by Recorded Future found that there have been 169 reported ransomware attacks against government agencies since 2013.
And the number of attacks per year is on the rise. When the report was published in April, there were already 21 government attacks reported in 2019. Since then, ransomware attacks have affected not only Baltimore, but also, among others, Lynn, Massachusetts; Cartersville, Georgia; Georgia’s state court system; and three separate Florida municipalities.
To Pay or Not to Pay
Another finding of the Recorded Future report is that governments are less likely to pay hackers. While 45% of all organizations attacked pay the ransom, only 17% of government agencies reported that they paid.
Whether or not to pay hackers involves a complicated risk-benefit analysis. Not paying can lead to the permanent erasure of important systems and could cost tens of millions to recover. But while ransoms are generally in the thousands, paying the hackers creates an incentive for future ransomware attacks.
Why are Public Institutions Being Targeted?
So, why are government agencies experiencing all these attacks? Well, as it turns out, hackers consider them to be low-hanging fruit. According to Tyler Moore, professor of cybersecurity at the University of Tulsa, “ransomware attacks tend to select victims that rely heavily on information-technology resources, have relatively weak operational cybersecurity practices and have the means to pay substantial ransoms.” And public institutions check all three boxes.
Government agencies are notoriously out of step when it comes to IT. Budgets for IT systems are often too tight for them to keep up. In fact, the Washington Post reported that the Baltimore attack was only successful because the city had not installed freely available security patches and did not regularly back up its information.
Ransomware hackers are opportunistic. After all, why spend the time breaking into well-secured systems when there are plenty of easy-to-access systems out there? Even the most basic security settings can help prevent ransomware attacks. And in the event an attack does happen, creating regular backups of key systems and having a response plan in place will go a long way toward mitigating the effects of an attack.
Also published on Medium.