Nearly two-thirds of all publicly known ransomware attacks in the United States in 2019 have targeted state or local governments, according to a report published Wednesday by cybersecurity firm Barracuda Networks.
Ransomware attacks typically encrypt files and lock them up so users can’t access them. The attackers then demand a ransom amount, typically in Bitcoin digital currency, in exchange for the decryption keys to unlock the files.
Baltimore City estimates that this year’s ransomware attack on its computer network will cost at least $18.2 million. The estimate reflects a combination of lost or delayed revenue and direct costs to restore network infrastructure and city computers.
Barracuda Networks identified more than 55 attacks against state and local governments reported between January and July. In fact, according to the report, state and local governments are the intended victims of nearly two-thirds of all ransomware attacks.
Of the 55 attacks, 38 targeted municipal governments, 14 were aimed at county governments, and three were launched against state governments. While all types of governments were affected, most victims were small towns or big cities.
According to the report:
About 45 percent of the municipalities attacked had populations of less than 50,000 residents, and 24 percent had less than 15,000 residents. Smaller towns are often more vulnerable because they lack the technology or resources to protect against ransomware attacks. Nearly 16 percent of the municipalities attacked were cities with populations of more than 300,000 residents.
About 45 percent of the municipalities attacked had populations of less than 50,000 residents, and 24 percent had less than 15,000 residents. Smaller towns are often more vulnerable because they lack the technology or resources to protect against ransomware attacks. Nearly 16 percent of the municipalities attacked were cities with populations of more than 300,000 residents.
In the 55 attacks this year, only two town governments and one country government paid the ransom, all in June. In Florida, Lake City paid roughly $500,000 (42 Bitcoin), and Riviera Beach paid about $600,000 (65 Bitcoin), after trying and failing to recover their data. In Indiana, La Porte County paid $130,000 to recover its data. None of the cities attacked in 2019 so far have paid a ransom, including Baltimore, which spent $18 million to recover from the attack.
Ransomware used in recent attacks against state and local governments includes Ryuk, SamSam, LockerGoga and RobbinHood.
Barracuda’s figures do not include the widespread ransomware attack earlier this month on twenty-two communities in Texas, though the firm said that event, described as a coordinated effort by a single threat actor, will push the total number of attacks for 2019 to more than 70.
