Over 100 ransomware attacks and counting

2019 has been the “year of ransomware attacks on municipalities” according to Kaspersky security experts. This comes after the company’s researchers observed that at least 174 municipal institutions, with more than 3,000 subset organisations, have been targeted by ransomware during the last year.

As if that wasn’t enough, 2019 has seen the rapid development of an earlier trend, where malware distributors have targeted municipal organisations. Researchers note that while these targets might be less capable of paying a large ransom, they are more likely to agree to cybercriminals’ demands. Blocking any municipal services directly affects the welfare of citizens and results, not only in financial losses but other socially significant and sensitive consequences.

Judging by publicly available information, the ransom amounts varied greatly, reaching up to $5,300,000 and $1,032,460 on average. The researchers noted that these figures do not accurately represent the final costs of an attack, as the long-term consequences are far more devastating.

This represents a 60% increase at least, from the figure in 2018. While threat actors’ demands would sometimes reach up to $5,000,000, actual costs and damages sustained during attacks are estimated to be larger. These are among the main findings of Kaspersky’s Security Bulletin

One must always keep in mind that paying extortionists is a short-term solution which only encourages criminals and keeps them funded to quite possibly return. In addition, once the city has been attacked, the whole infrastructure is compromised and requires an incident investigation and a thorough audit,” comments Fedor Sinitsyn, a security researcher at Kaspersky.

This inevitably results in costs that are additional to ransom. At the same time, based on our observations cities might be sometimes inclined to pay because they usually cover the cyber risks with help of insurance and allocating budgets for incident response. However the better approach would be also investing in proactive measures like proven security and backup solutions as well as regular security audit.

Leave a Reply

%d bloggers like this: