As large private-sector enterprises have shored up their cybersecurity defenses, hackers have turned to launching ransomware attacks on small- and medium-sized businesses (SMBs) and local governments. In 2019, over 163 attacks struck local and county governments across the U.S., costing them millions of dollars in ransom payments and tens of millions more in recovery costs. Security experts expect attacks to accelerate throughout 2020, with attacks becoming more targeted and sophisticated; and we know that coronavirus-themed ransomware attacks are already occurring.
Hackers see local governments as easy targets for several reasons. They tend to be cash-strapped; most states dedicate less than 3% of their IT budgets to cybersecurity, while the private sector devotes more than 10%. Taking down a local government’s systems also has severe real-life repercussions on citizens, giving municipalities extra incentive to simply pay whatever hackers are demanding to get back online as soon as possible. In June 2019, two small cities in Florida paid hackers $600,000 and $500,000 respectively to regain access to their systems.
However, paying the ransom isn’t a guaranteed solution; about 20% of organizations that pay up do not regain access. Giving hackers exactly what they want also encourages further attacks.
Preventing ransomware attacks without breaking the bank
The best solution is to prevent ransomware attacks from happening in the first place through a combination of proactive security initiatives and technologies. However, municipal governments feel they cannot afford the robust cybersecurity they need to defend themselves. Most big players in the cybersecurity industry focus on large enterprises. Their “SMB plans” offer woefully insufficient protection and place the onus of threat analysis and response on the municipality, which almost always lacks the security tools and in-house expertise to perform these duties effectively.
It doesn’t need to be this way. Layered security solutions are available that combine advanced technologies with skilled security analysts to offer comprehensive protection at a price that small local governments can afford.
For more information, download our free whitepaper, Preventing Ransomware Attacks: Strategies for Local Governments.