Even Cities Aren’t Immune to Ransomware

Ransomware hasn’t let up. It is important to understand that any organization, of any kind, is a potential target of a ransomware attack - and yes, this includes municipalities. In fact, since 2013, over 170 government systems at the county, city, or state levels have been attacked.

These numbers, by the way, come from a cybersecurity firm, as neither the federal government nor the Federal Bureau of Investigation track these kinds of attacks.

As of May 10, of this year, there were 22 known attacks on the public sector. Unfortunately, there are likely more that we just don’t know about yet, as reports of these attacks usually crawl in months or even years after the fact.

March Attacks

March saw a few ransomware attacks on municipalities. The sheriff’s office in Fisher County, Texas, was infected and couldn’t connect to a state law enforcement database as a result.

In Albany, New York, the capital city quietly announced that it had been victimized by a Saturday ransomware attack - a tactical choice on the part of the hackers, as there would be nobody there to fight back on the weekend. While the city initially gave an understated account of the attack’s effect, the real problems were much larger than a few belated marriage licenses and birth certificates.

In addition to the clerical delays, the ransomware attack had also impacted the Albany Police Department’s systems. As these systems are effectively entirely digitized, the department was left without their incident reports, crime reports, and even their schedules.

April Attacks

April saw the entirety of Genesee County, Michigan’s tax department shut down by ransomware for most of the month. The infection has since been removed.

May Attacks

May has been exemplified by the complete shutdown of Baltimore, Maryland, due to an attack using a ransomware known as RobinHood. As a result of this attack, government emails can’t be sent, payments to city departments are on hold, and real estate transactions have been paused.

While RobinHood leverages a notoriously powerful algorithm - even the National Security Agency may not be able to break it, according to cybersecurity expert Avi Rubin - it doesn’t help that Baltimore was also using outdated hardware and software.

Baltimore City Mayor Jack Young has already gone on record to state that the city will not be paying the ransom of 13 Bitcoins, or approximately $100,000. Instead, the FBI and Secret Service have been called in, along with assorted cybersecurity experts. Despite these resources, the city isn’t expected to recover for months.

Rubin provided some insight into why not paying the ransom is the right call for Baltimore, pointing out that if nobody paid the demanded ransoms, these kinds of attacks would quickly go out of fashion. However, many companies struck by ransomware will quietly pay up.

Analysis has found that a full 45 percent of affected organizations ultimately pay the ransom to try and get their data back, while 17 percent of state and local governments will fork over the demanded cash.

At BNMC, we have some experience in dealing with these kinds of things, which means we can confidently agree with the actions of Mayor Young and the statements made by Rubin - paid ransoms only encourage future ransomware attacks. What’s worse, what guarantee is there that any data will be restored even after payment is made?

No guarantee at all.

That’s why we’ve dedicated ourselves to assisting business users in protecting themselves against ransomware. Give us a call at (978) 482-2020 to find out more.