Local governments target of ransomware attacks in 2020
Local government bodies are the most likely target for ransomware attacks, according to new threat spotlight research from Barracuda Networks. The research, which identified and analysed 71 global ransomware incidents in the last 112 months, found that 44% of all observed ransomware attacks in 2020 have been aimed at municipalities.
Worryingly, Barracuda researchers also observed that ransomware attacks facing global education and healthcare institutions are on the rise, in a malicious attempt to capitalise on the coronavirus pandemic. In fact, the percentage of ransomware attacks facing education institutions has more than doubled from six to 15% between 2019 and 2020. Healthcare, however, has seen a two percent increase in ransomware attacks, rising from 21% of all recorded global attacks in 2019 to 23% in 2020.
Logistics-related attacks are also on the rise. Six notable ransomware attacks were examined since last July. These attacks on logistics companies can seriously hamper the ability to move goods, including medical equipment, personal protective equipment, and everyday products.
Of the cases studied, 14% were confirmed to have paid the ransom, and the average payment was $1,652,66 (roughly £1,260,000).
What’s more, a full 15% of the municipalities are confirmed to have made ransomware payments, which is a significant change compared to last year, when almost no local governments paid any ransom. In one prolific example, a ransomware attack on Redcar and Cleveland council’s computer system in the UK, reportedly cost the local authority £10.4 million.
Fleming Shi, CTO for Barracuda Networks, said: “The quantity of ransomware attacks facing all types of organisations have been growing rapidly in recent years, having been spurred on by complicated geopolitical circumstances, more recently the coronavirus pandemic, and the fact that ransom payments from corporations and municipalities are becoming more common.
“Combatting this issue requires blocking the threat from the source, using advanced inbound and outbound security techniques that go beyond the traditional gateway. This includes using machine-learning enabled software to close the technical and human error gaps often found in an organisation.
“Other techniques such as subscribing to IP blacklists, using advanced firewalls and malware detection, implementing user-awareness training, and utilising data backup solutions, are all very effective and strongly advised.”
Ransomware attacks involve the use of malicious software, often delivered via an email attachment or URL link, to infest the network and lock an email, data or other critical file until a ransom is paid. With the pandemic putting millions of workers at home, cybercriminals gained a larger attack surface as the result of the fast and widespread shift to remote work, and the weak security of home networks makes it easier for cybercriminals to compromise them, move laterally to business networks, and launch ransomware attacks.