Home Malware Deloitte: 8 things municipal governments can do about ransomware

Deloitte: 8 things municipal governments can do about ransomware

by ethhack

The IT systems of the City of Durham and Durham County in North Carolina have been shuttered since a successful ransomware attack struck the municipalities on the evening of March 6. Although details are still sketchy, the North Carolina Bureau of Investigation indicated the attackers used Russian-made malware known as Ryuk.

Durham joins a growing list of local governments grappling with the latest security scourge sweeping the country: ransomware attacks against poorly fortified local government systems that are ill-prepared to recover from these assaults. Municipal governments like Durham are attractive targets for ransomware attackers as more governments are being held hostage more frequently and for more money, according to a new report released today by Deloitte’s Center for Government Insights that examines trends in ransomware attacks on state and local governments.

According to the report, in 2019 governments reported 163 ransomware attacks, a nearly 150% increase from 2018, with more than $1.8 million in ransoms paid and tens of millions of dollars spent on recovery costs. Tight budgets, a growing attack surface and inadequate cybersecurity talent are the top reasons that cities struggle with the attacks, the report said.

Why municipalities are favored ransomware targets

The wider attack surface is emerging as cities deploy more computers and connect their networks to a wider array of services, from traffic light systems to ambulances to garbage trucks, according to Deloitte. At the same time, tight fiscal budgets constrain cities modernization efforts, including the adoption of new cybersecurity tools. Finally, local governments struggle to attract the cybersecurity talent they need, the report says. A biannual NASCIO/Deloitte cybersecurity survey found a lack of budget to be the top concern of state-level CISOs every year since 2010, the report notes.

“Local and state governments have consistently not invested in cyber because they don’t have the funding,” Srini Subramanian, principal, Deloitte & Touche and cyber state and higher education sector leader, tells CSO. “The second is the proliferation of services that they need to offer to their citizens in an online and internet based medium. Third is that the state and locals really don’t have a chance to keep up bringing cyber talent.”

Cyber insurance ransom payments might increase ransomware risk

Another factor driving the rise in the number of municipal ransomware attacks is the growing prevalence of cybersecurity insurance among state and local governments. “We believe that part of the problem, the reason why there is so much more payment of ransom [by local governments] is potentially because of the cyber insurance. The cyber insurers figure that paying ransom is probably the quick way for the services to come back online and possibly a more cost-effective way of dealing with an attack,” Subramanian says, giving attackers a greater financial incentive to hit cities.

Copyright © 2020 IDG Communications, Inc.

Source link

Related Articles

Leave a Comment