- Many cities that have fallen victim to ransomware attacks in the last two years have seen paying the ransom as the "only logical solution" to recoup civic data and protect communities, according to a new report from Deloitte.
- Governments are often vulnerable to these attacks due to the criticality of their services, poor defense systems (a result of limited modernization) and the costs of cyber insurance and cybersecurity risk analysts, the report says. Deloitte suggests the costs associated with restoring lost data and lost revenues while systems are down, can be more consequential than the costs of the ransom.
- To move forward, the report suggests cities learn to build, operate and respond well. Developing smart systems architecture where critical data is compartmentalized is an important defensive measure, as is minimizing risk by improving "cyber hygiene" and proactively investing in cybersecurity talent, the report says.
A report from the Internet Society's Online Trust Alliance (OTA) found cyberattacks in 2018 resulted in more than $45 billion in losses, and those attacks didn't slow down moving into 2019. Ransomware attacks on governments in particular spiked in 2019, according to the Deloitte, including notable attacks in Johannesburg, South Africa, and in Texas, where 23 government entities were hit with a "coordinated ransomware" attack in August.
Governments have been given mixed messages about how to handle the decision to pay ransom. Josh Zelonis, senior analyst at Forrester, told CIO Dive in July 2019 that paying ransom is just "a straightforward math problem" and should be done when it makes sense for the city's bottom line. Yet, in that same month during the U.S. Conference of Mayors annual meeting, more than 225 mayors signed a resolution to not pay ransom in the event of an attack.
It's a challenging situation to face, but the chances of a city falling victim can be drastically minimized if the right steps are taken. In its report, Deloitte notes that a ransomware attack needs "three ingredients" to be successful: a vulnerable system, encryption of data and a payment method to collect the demanded ransom. By proactively putting measures in place to protect those systems and that data, cities can effectively become a smaller target for ransomware attackers.
A report from ABI Research estimated that $135 billion will be spent in the U.S. on cybersecurity by 2024, and this spending is critical as governments are "only as powerful as the weakest link." Investing in skilled staff to implement protections can be a first step for many governments. Cybersecurity talent can help protect systems, train other government staff and run simulations for preparedness.