Targeted ransomware attacks being perpetrated on local government entities is on the rise. Although the ransoms demanded are often relatively small, typically under $100K, the overall costs to remediate the attack and the damages inflicted by downtime and decreased efficiencies by having to go back to manual services, can often run into the hundreds of thousands of dollars; and more often than not, into the millions of dollars once all losses are finally tallied.
In a telling study by Massachusetts-based cybersecurity firm, Recorded Future, the collected evidence showed that at least 170 county, city or state governments in the US had been attacked since 2013, with at least 45 police and sheriff’s offices across the nation being hit. The numbers continue to rise. In 2019 alone, there have been 22 known public sector attacks so far, which is rapidly outpacing numbers from 2018; the latest major city to be hit being Baltimore, which was forced to quarantine its network and provide most municipal services manually. The security industry conservatively estimates that ransomware attacks are costing victims billions of dollars a year. Unfortunately, there are no precise numbers as comprehensive records of attacks around the world are not kept and not all attacks are even reported.
This rise in attacks on municipalities is a clear sign that hackers are becoming more discerning when choosing their targets: it is all about maximizing the amount of money that they can make. As we’ve stated in our blog last week, the overall number of ransomware attacks may be decreasing but the related costs are increasing as hackers become increasingly focused with more customized and targeted attacks being executed on municipalities, instead of individuals. Municipalities often have vital systems, not only in day-to-day operations but essential services such as traffic, transportation and other systems that they are more willing to pay a ransom for in order to get these services back online; as opposed to an individual that often simply decides to just go out and buy another computer.
Who are the perpetrators of these attacks? According to a CNN article covering the study, the attackers range from criminal gangs to people allegedly working at least tangentially with their countries’ governments. Unfortunately, in most cases, these attacks are carried out by hackers in other countries and often tend to be out of reach as they are in countries where they cannot be extradited to the US, nor to the districts on which they carried out the attack, in order to face charges. Also unfortunate is the fact that some of the ransomware worms that are currently being used by attackers on these municipalities were created originally by nations such as North Korea for government-sanctioned attacks before they got out of hand and got into the hands of hackers who have co-opted the malware for much more lucrative purposes.
All of this just continues to emphasize and reiterate the fact that without proper safeguards and a good solution in place, municipalities, and ultimately the residents that reside there, will continue to get bilked for hundreds of thousands, if not millions of dollars; often times, money that small municipalities cannot spare. That is why we continually bring up our “Detect and Block” solution. As part of our civic duty, we offer any municipality or government entity a FREE 90 day trial of the Wedge Advanced Malware Blocker that can Detect and STOP all forms of Ransomware in Real-time, BEFORE it has a chance to even hit your network. If a municipality can save itself from being one of the growing number of ransomware victims, we feel that our civic responsibility and duty will have been fulfilled. Get in touch with our team at email@example.com for more information on how we can protect your network!