New Data Shows Increase in Sophistication and Frequency of Ransomware Attacks on State and Local Governments
WASHINGTON, March 11, 2020 /PRNewswire/ -- Cybercriminals are holding governments hostage more frequently, expanding their attack base, and asking for more money, according to "Ransoming Government: What state and local government can do to break free from ransomware attacks," a new report released today by Deloitte's Center for Government Insights. The study explores the rising trend in ransomware attacks on state and local governments. It also discusses the dilemma of paying or not paying criminals, with the risk of losing access to critical data or the ability to provide services. Government organizations can take simple steps to secure information technology infrastructure and improve resilience.
"State and local governments should live and plan with the reality that their critical systems and data will be attacked," said Srini Subramanian, principal, Deloitte & Touche LLP, and cyber state and higher education sector leader. "Even with cyber-insurance and preventive measures in place, the growing frequency and sophistication of attacks calls for government entities to perform cyber health checks and revisit resilience strategies. The effort more than pays off. Governments can be better positioned to defend against catastrophic events that are expensive to recover from and could impact public safety and trust."
In 2019 alone, governments reported 163 ransomware attacks with more than $1.8 million dollars in ransoms paid and tens of millions of dollars spent on recovery csts, a nearly 150% increase in reported attacks from 2018. According to the report, refusing to pay ransom demands may be the principled option, but it also may be far more expensive. For example, the city of Baltimore refused a $76,000 ransom demand, only to suffer over $18 million in recovery costs and lost revenues.
Sensing the vulnerability of state and local governments, criminal enterprises are demanding nearly 10 times what they demand from commercial entities. To combat this growing risk, the report outlines several key considerations for organizations to move forward in this new reality.
"Connected devices, digital systems and integrated data mean governments have the opportunity to serve people and communities like never before," said Deborah Golden, principal, Deloitte & Touche LLP, and cyber risk services leader. "It also means there is a large surface for cyber criminals to attack local governments and hold sensitive citizen data hostage. Government officials need to understand the risk involved if their systems and data were suddenly gone or rendered useless."
Read the full report on Deloitte.com.
Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee ("DTTL"), its network of member firms, and their related entities. DTTL and each of its member firms are legally separate and independent entities. DTTL (also referred to as "Deloitte Global") does not provide services to clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities that operate using the "Deloitte" name in the United States and their respective affiliates. Certain services may not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.com/about to learn more about our global network of member firms.
View original content to download multimedia:http://www.prnewswire.com/news-releases/new-data-shows-increase-in-sophistication-and-frequency-of-ransomware-attacks-on-state-and-local-governments-301020735.html
How to Strategically Leverage New Connectivity Options
Smart City with a Social Conscience