Home Budget & Tax News Local Governments Suffered Nearly a Thousand Ransomware Attacks, Report Finds

Local Governments Suffered Nearly a Thousand Ransomware Attacks, Report Finds

At least 948 government entities in the United States were attacked by ransomware hackers extorting money in 2019, a new report states.

The total cost of the attacks could exceed $7.5 billion, states the report from Emsisoft, a cybersecurity firm. The attacks were made against “103 state and municipal governments and agencies, 759 healthcare providers, and 86 universities, colleges and school districts, with operations at up to 1,224 individual schools potentially affected,” Emsisoft reports.

“The threat level is now extreme and governments must act immediately to improve their preparedness and mitigate their risks,” Emsisoft states.

The December Emsisoft report was released in response to a ransomware attack on the City of Pensacola, Florida. The perpetrators of the attack demanded a $1 million ransom in exchange for a decryption key after they stole city data and denied the city access to its own data. The next day, New Orleans Mayor LaToya Cantrell declared a state of emergency due to a cyberattack on the city which posed a potential danger to citizens’ digital information.

‘More Likely to Pay’

Criminal hackers focus on local governments as targets of attacks, rather than the federal government, “because the assets and resources aren’t there to protect them,” says David Grantham, a national security policy and counterterrorism expert.

“A lot of them piggyback and are connected to other networks that could potentially provide a hacker backdoor access,” Grantham said. “The attack strategy seems to be to go after the more vulnerable. They’re more likely to pay ransom because they don’t have the sophisticated tools to repair it. A lot of networks overlap and connect, in ways even some of the designers don’t know.”

Unlike the federal government, local governments generally don’t allocate enough spending toward protecting their digital information, says Seton Motley, president of Less Government. The answer, however, is not to raise taxes but to use existing funds more wisely, says Motley.

“One of my rules is that when someone says, ‘Let’s raise taxes,’ the unspoken assumption is that every penny we’re already raising is being spent perfectly well,” Motley said. “That’s not the case. This is a spending problem, not a revenue problem. The solution isn’t a wealth tax or a higher income tax. The solution is to spend less.”

Utilizing Private Sector

Hiring private companies to protect a government entity’s digital data is a better solution in the long run than hiring government cybersecurity personnel who get pay and benefits, Motley says.

“There are experts at this in the private sector,” Motley said. “There’s no reason to insource this. You should hire a company and keep cronyism in the hiring process to a minimum.”

Private companies can have 1,000 or more customers and are efficient because they focus on one area of service, Motley says.

“[Private companies] have their code, then they just replicate it,” Motley said. “They have the sales force to add customers and internal workforce. They say, ‘We’ll tighten up our code here.’ They’re constantly working on it and doing it in scale, rather than the government sitting and waiting for it to happen.”

This approach to private contracting follows what Motley calls the “Yellow Pages rule”: “If you can find it in the yellow pages, the government shouldn’t do it,” Motley said.

Cyber ‘Amber Alert’

If the government knows exactly what it wants out of a contract, the private sector can be a good place to go, Grantham says.

“There is a vendor for every little tool you could want,” Grantham said. “There are a lot of counties and cities that have robust IT departments in Texas. They do quite well. They went and purchased programs that assist them in their work. Smaller departments could contract some of those capabilities out to the private sector.”

Regional cooperation could help by enabling cities and other government organizations to pool resources to protect their shared networks, says Grantham. On a regional basis, city and county governments could have a secured network where they could share attack information and communicate when attacks do happen, says Grantham.

“If you’re getting hit, maybe in Houston, someone could say in El Paso, ‘Let’s go ahead and shut down our system for now until we know more,’” Grantham said. “Having a communication system, almost like an Amber Alert, would be helpful.”

Pre-911 Mentality

New Orleans did the right thing in declaring a state of emergency and being open about the problem, says Grantham, but those solutions are good only if you know what the problem is. Local governments need to be more open to sharing information with other nearby localities about digital problems in order to address them as quickly as possible, says Grantham. That will require them to overcome obsolete attitudes about cybersecurity, Grantham says.

“We’re living in a pre-9/11 world when it comes to cybersecurity,” Grantham said. “People are scared to share information about being hacked, but the only way to learn how to prevent these situations is to share. It doesn’t mean you have to expose everything, but explain how the attack was carried out and what ransomware to look for.”

Internet Info

“The State of Ransomware in the US: Report and Statistics 2019,” Emsisoft Malware Lab, December 12, 2019: https://blog.emsisoft.com/en/34822/the-state-of-ransomware-in-the-us-report-and-statistics-2019/

Bartlett Cleland, “Are You Secure? Really? How Do You Know?” The Heartland Institute, June 28, 2018: https://www.heartland.org/news-opinion/news/are-you-secure-really-how-do-you-know

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisment -

Most Popular

New Study Finds Detroit Charter Schools Receive 29% Less per Pupil Than Traditional Public Schools

By Scott McClallen A new study from the University of Arkansas found the average disparity in per-pupil funding between traditional public schools and their public charter schools...

Colleges Demand Students Get Flu Shots

Public and private colleges and universities across the United States are now requiring their students to get flu shots, despite the fact that seasonal influenza rates remain low

Sweden Finds a Better Way for Tackling COVID-19

“When people are not coerced, receive rational recommendations, and get good information, they tend to cooperate. Sweden also asked people to work from home when possible, and many Swedes did so.”

Los Angeles Homicide Rate Is Highest in 10 Years, LAPD Reports

By Catherine Smith More than 300 homicides have been committed in Los Angeles, California so far this year, reversing a decade of reductions in overall crime...
- Advertisement -

Recent Comments

Randy M Verret on The Gaslight Election
S. T. Karnick on The Gaslight Election
Randy M Verret on The Gaslight Election
S. T. Karnick on The Gaslight Election
Randy M Verret on The Gaslight Election
S. T. Karnick on The Gaslight Election
Randy Verret on The Gaslight Election
Randy Verret on The Gaslight Election