- The Washington Times - Wednesday, August 28, 2019

More than 70 local, county and state governments across the country have been on the receiving end of ransomware attacks so far in 2019, a cybersecurity firm reported Wednesday.

An analysis undertaken by Barracuda Networks identified 55 ransomware attacks targeting governments of various size between January and August, the California-based company reported. Subsequent attacks affecting communities across Texas this month have brought that tally up to 72 and counting.

Ransomware works by infecting data stored on vulnerable computers and then holding it hostage until its perpetrator receives a ransom typically paid in digital cryptocurrency like Bitcoin. Recovery is not guaranteed recovery, however, so the FBI advises ransomware victims against compensating culprits.

Of the 55 ransomware attacks examined by researchers, 38 targeted local governments, 14 targeted county governments and three targeted state governments, the report said, noting that most victims were either small towns or big cities.

Nearly half of the municipalities attacked with ransomware — about 45% — boasted populations of less than 50,000 people, while about 17% had more than 300,000 residents, Barracuda chief technology officer Fleming Shi wrote in the report.



“Smaller towns are often more vulnerable because they lack the technology or resources to protect against ransomware attacks,” he reported, noting that roughly a quarter of the attacks targeted municipalities with less than 15,000 residents.

The attacks targeted government organizations ranging from courts to schools and libraries, the report noted, putting entities across the board at risk of being attacked with ransomware.

“Government organizations at all levels need preventative and defensive strategies in place, along with disaster and recovery capabilities,” said the report.

Very few of the governments attacked with ransomware — only three out of 55 — actually paid the requested ransom, the report noted. Lake City and Riviera Beach, two towns in Florida, paid ransoms in June worth about $500,000 and $600,000 respectively; LaPorte County in Indiana paid about $130,000 to recover data the following month.

Despite heeding the FBI’s advice, ransomware victims who refuse to reward cybercriminals have suffered serious financial setbacks nonetheless. Budget officials in Baltimore previously said that Maryland’s largest city expects to spend $18 million on expenses related to a ransomware attack in May for which it refused to pay.

Sign up for Daily Newsletters

Copyright © 2019 The Washington Times, LLC. Click here for reprint permission.

The Washington Times Comment Policy

The Washington Times welcomes your comments on Spot.im, our third-party provider. Please read our Comment Policy before commenting.

 

Click to Read More and View Comments

Click to Hide