Researchers say most ransomware attacks have targeted smaller municipalities that govern populations with fewer than 50,000 people. File Photo by Pixabay/Kewl
Aug. 29 (UPI) -- A new analysis found that three-quarters of ransomware attacks over the past year have targeted local government institutions.
The report by security researchers at Barracuda examined attacks that hit 55 schools, libraries, courts and other municipal entities in cities and towns so far this year, finding that hackers are targeting the most vulnerable targets to maximize ransoms.
Of the 55 attacks, 38 targeted city governments, 14 were aimed at county governments and three were on state governments, Barracuda said.
Sixteen percent of the municipalities attacked were cities with populations of more than 300,000, while 45 percent targeted governments with populations of less than 50,000. About a quarter had less than 15,000.
"Smaller towns are often more vulnerable because they lack the technology or resources to protect against ransomware attacks," Barracuda researchers wrote.
Recent attacks have hit municipalities in Texas, Maryland, Florida, North Carolina, Georgia, Louisiana and Kentucky. Some have opted to pay the ransom.
None of the larger cities targeted, like Baltimore in May, agreed to pay the hackers -- but the two smaller Florida municipalities, Riviera Beach and Lake City, did, paying out more than a combined $1 million. Indiana's La Porte County also recently paid $130,000 to regain control of its compromised files.
Barracuda's report doesn't even include all of the fully documented ransomware attacks. It accounts for just seven of nearly two dozen that hit Texas entities this month.
Experts say, given the high-profile nature of recent scams and the success of some, the spike in ransomware attacks in 2019 isn't much of a surprise.
"No one ever just gets hit once by this kind of attack or any kind of extortion, They hit you for a small amount and they keep coming back because they know you're inclined to pay out," Alex Heid, chief of research and development at SecurityScorecard, told UPI in June.
Aside from paying ransoms, this year's ransomware attacks have also caused severe financial losses due to downtime, recovery costs and other expenses. An attack on Atlanta's government last year cost the city $18 million in recovery, and Baltimore estimated it would take a similar amount to recover from its attack in May.
Cybersecurity Ventures predicts damages from ransomware attacks will surge by $3.5 billion to $11.5 billion by the end of the year.
Private and government authorities discourage victims from paying for ransomware attacks, largely because they believe it only emboldens hackers to repeat their crimes. Barracuda's report indicates that may be a significant factor in the surge in attacks, which have not been limited to the United States.
"Ransomware used in recent attacks against state and local governments includes Ryuk, SamSam, LockerGoga and RobbinHood," the report said.
"While this study focused on attacks in the United States, there have been similar attacks globally, with attacks hitting four communities of varying sizing in Canada, as well the Dublin tram system in Ireland and power utilities in India and South Africa."
Researchers recommend a number of preventative measures, but say the best weapon against cyberattacks is information.
"Education is the key, Ransomware is an ever-evolving industry. What I know right now maybe doesn't apply 10 to 15 minutes from now," Zohar Pinhasi, CEO of cybersecurity firm MonsterCloud, told UPI this summer.