Over the past year there has been a worrying trend of government agencies being hit by ransomware, with nearly a fifth of them actually paying up. Currently this is sweeping the US, with over 50 reported successful attacks in the past year alone. Who knows how many there were that were not reported? This hasn’t seemed to hit the UK as hard so far, although the big hit on the NHS in 2017 is a sign that we are under threat too.
A worrying problem with the US government agencies is that they tend to not have the infrastructure in place to deal with the fallout from a ransomware attack. There often isn’t a backup solution in place to simply retrieve the information, so they are coughing up ransomware demands of up to $460,000, as Lake City in North Florida did recently.
The alternative to paying is rebuilding everything from the ground up, but this can be even more costly in the long run. Atlanta and Baltimore refused to pay $51,000 and $75,000 respectively, but the combined cleanup has cost them over $25,000,000. This isn’t to say that they should have paid; their systems may still be vulnerable after paying and they may have not even got their data back.
However, it isn’t all big attacks on local governments. Some are segmented much smaller, hitting targets such as libraries, schools, housing authorities, etc. There are reports of these companies having to get out old typewriters to work as their systems were down for so long. This shouldn’t be acceptable 20 years into the 21st century.