- 86% of Americans believe their local government should not pay the ransom on a ransomware attack.
- 49% of Americans don’t think their government should invest in any additional cybersecurity precautions.
- Americans would rather invest in cybersecurity training and up-to-date software than ethical hackers or insurance.
Ransomware attacks have been happening since the 2000s and have evolved since then. This malicious software can take control of a computer, encrypt the data and then put a ransom on it.
Government Ransomware Attacks Are on the Rise
From the Cryptolocker to German Wiper to RobinHood, the sophistication of this software varies, but in the end, a ransom is required to regain control of the data. On a personal computer, this ransom might not be worth paying. For a government database, the stakes are much higher.
StateScoop reported that two-thirds of ransomware attacks in 2019 have targeted state and local governments. Recorded Future found that since 2013 there have been 169 ransomware incidents affecting state and local governments. In 2017, there were 38 attacks. In 2018, this number increased to 53 attacks. Within the first four months of 2019, there were already 21 recorded attacks.
Should Governments Pay the Ransom?
To find out if taxpayers think their money should be going to cybersecurity efforts as these attacks increase, we asked 1,000 Americans if they would want their government to pay a hacker’s required ransom.
86% thought the government should not pay the ransom from a ransomware attack.
14% thought the government should give in and pay the ransom.
Governments share this belief. A report by Recorded Future found that while these attacks towards governments have been on the rise, the governments aren’t paying the ransom. Their analysis showed that only 17.1% of state and local government entities paid the ransom. 70.4% confirmed that they didn’t pay the ransom.
Should Cyber Security Precautions Be Taken?
Knowing that these ransomware attacks are growing more frequent and the technology is advancing, there are some steps a government can take to strengthen their security measures. Which precautions do Americans think the government should take?
49% of Americans don’t think the government should invest in any additional cybersecurity precautions.
Taking precautions such as improving hardware and software, advancing cybersecurity training and investing in insurance can prevent an attack on your city government. However, Americans don’t want their money going toward cybersecurity precautions or the payment of ransoms when there is an attack.
5 Examples of Government Ransomware Attacks in 2019
In 2019, there have been many ransomware attacks that have targeted government facilities. Here are five examples of how governments have reacted to this type of threat.
1. Louisiana State
Date: November 2019
According to government technology, an unauthorized download of a program to a government computer caused the majority of state agency websites to shut down. The virus spread to 130 servers and affected 600 computers.
Due to a quick response and efficient security protocol, the majority of servers were shut down and no data was believed to be lost. The government didn’t pay the ransom. Those affected included the Children and Family Services department, Trucking Operations and 79 DMV offices.
2. City of Lodi, California
Date: July 2019
City employees received ransomware in the form of an email attachment. The hackers requested a ransom of 75 Bitcoins (about $400,000) to revive the compromised servers. The City of Lodi did not pay the ransom. Instead, the systems had to be re-built from backups.
The City of Lodi has cybersecurity insurance with a deductible of $50,00,0 so they were able to recoup some of the loss from correcting the issues and improving security so that it doesn’t happen again.
3. Riviera Beach, Florida
Date: June 2019
A police department employee opened a malicious email that exposed the network to malware. This caused the city email network to lock. 911 dispatchers were not able to enter calls into their system. In addition, employees and contractors couldn’t use direct deposit.
This attack lasted a few weeks before the government decided to pay the ransom of $600,000 to retrieve its records. The Riviera Beach City Council also voted to spend almost $1 million on new computers and hardware.
4. Baltimore, Maryland
Date: May 2019
The computers owned by the Baltimore city government were attacked by ransomware. To free the city’s systems, hackers demanded 13 Bitcoins (about $76,000). This ransomware was a RobbinHood variety. The Baltimore 911 system had been shut down a year prior due to hackers. This proves they were retargeted due to a weak security system.
5. Greenville, North Carolina
Date: April 2019
A member of the police department spotted RobinHood ransomware. Hackers gained access to one government computer. From there, the malware spread to 800 local government computers.
This ransomware locked emails, took payment systems offline and held up home sales. The city of Greenville did not disclose or pay the ransom. Instead, the computers were backed up. It took several weeks for those affected to gain back access.
The Cost of A Government Ransomware Attack
Ransomware attacks have many costs whether you pay the ransom or not. Items like lost files, loss of productivity during downtime and cost of experts to improve cybersecurity can take a toll. The following are some of the dangers these weak governments face.
Dangers of paying a government ransom:
- Monetary cost of the ransom can take a toll on the city
- A vulnerability in a weak local government can impact neighboring areas
- If you pay the ransom, there is a chance you still won’t get access to the kidnapped files
- Possible release of sensitive information
- Makes the city a target for future hacks
- Still requires updates in cybersecurity
Dangers of not paying a government ransom:
- Loss of kidnapped files
- Possible release of sensitive information
- Hiring someone to backup files and update security costs money
- Down-time while backing up files can cost because government departments can’t operate or have restricted function
- To prevent another attack, more advanced cybersecurity is needed
The cost of a ransomware attack isn’t just a ransom. These dangers occur during the time of the attack and continue to affect the community for months and even years to come.
In order to lessen the danger of these attacks, governments need to invest in precautionary measures. Informing on proper cybersecurity habits and investing in programs like antivirus might not catch every attack, but they can reduce the frequency and damage of them.
This study was conducted for Panda Security using Google Consumer Surveys. The sample consists of 1,000 respondents in the United States. The survey ran in November 2019.