TMCnet News

New Data Shows Increase in Sophistication and Frequency of Ransomware Attacks on State and Local Governments
[March 11, 2020]

New Data Shows Increase in Sophistication and Frequency of Ransomware Attacks on State and Local Governments

WASHINGTON, March 11, 2020 /PRNewswire/ -- Cybercriminals are holding governments hostage more frequently, expanding their attack base, and asking for more money, according to "Ransoming Government: What state and local government can do to break free from ransomware attacks," a new report released today by Deloitte's Center for Government Insights. The study explores the rising trend in ransomware attacks on state and local governments. It also discusses the dilemma of paying or not paying criminals, with the risk of losing access to critical data or the ability to provide services. Government organizations can take simple steps to secure information technology infrastructure and improve resilience.

"State and local governments should live and plan with the reality that their critical systems and data will be attacked," said Srini Subramanian, principal, Deloitte & Touche LLP, and cyber state and higher education sector leader. "Even with cyber-insurance and preventive measures in place, the growing frequency and sophistication of attacks calls for government entities to perform cyber health checks and revisit resilience strategies. The effort more than pays off. Governments can be better positioned to defend against catastrophic events that are expensive to recover from and could impact public safety and trust."

In 2019 alone, governments reported 163 ransomware attacks with more than $1.8 million dollars in ransoms paid and tens of millions of dollars spent on recovery csts, a nearly 150% increase in reported attacks from 2018. According to the report, refusing to pay ransom demands may be the principled option, but it also may be far more expensive. For example, the city of Baltimore refused a $76,000 ransom demand, only to suffer over $18 million in recovery costs and lost revenues.

Sensing the vulnerability of state and local governments, criminal enterprises are demanding nearly 10 times what they demand from commercial entities. To combat this growing risk, the report outlines several key considerations for organizations to move forward in this new reality.

  • Smarter systems architecture – Many state and local governments have deferred IT modernization, which leaves governments with increasingly vulnerable networks and systems.
  • More prepared workforce – Governments should look to creative human capital approaches to train, retain and share more qualified cyber talent as well as private-public-higher education partnerships to effectively tackle cyber security.
  • Better cyber hygiene – Attention to details such as timely software patches and updates, regular system back-ups and regular training for all staff can help to reduce risk. Organizations also should look to compartmentalize data and develop air-gapped system back-ups to limit the scale of a breach.
  • Cyber insurance usage scenarios  The use of cyber insurance can be an effective strategy for governments to contain the cost of attacks. However, those that use cyber insurance to fund ransom payments may unwittingly increase the incentives for criminals by increasing the likelihood of a big payday. Build scenarios for when to leverage cyber insurance.
  • Practiced response – Governments should practice responding to cyber incidents with wargames and simulations, involving business and program leaders so they understand the threats and their roles in response and recovery.

"Connected devices, digital systems and integrated data mean governments have the opportunity to serve people and communities like never before," said Deborah Golden, principal, Deloitte & Touche LLP, and cyber risk services leader. "It also means there is a large surface for cyber criminals to attack local governments and hold sensitive citizen data hostage. Government officials need to understand the risk involved if their systems and data were suddenly gone or rendered useless."

Read the full report on

About Deloitte
Deloitte provides industry-leading audit, consulting, tax and advisory services to many of the world's most admired brands, including nearly 90% of the Fortune 500® and more than 5,000 private and middle market companies. Our people work across the industry sectors that drive and shape today's marketplace — delivering measurable and lasting results that help reinforce public trust in our capital markets, inspire clients to see challenges as opportunities to transform and thrive, and help lead the way toward a stronger economy and a healthy society. Deloitte is proud to be part of the largest global professional services network serving our clients in the markets that are most important to them. Now celebrating 175 years of service, our network of member firms spans more than 150 countries and territories. Learn how Deloitte's more than 312,000 people worldwide make an impact that matters at

Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as "Deloitte Global") does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the "Deloitte" name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see to learn more about our global network of member firms.

Cision View original content to download multimedia:

SOURCE Deloitte

[ Back To's Homepage ]