Local government bodies are more likely to be targeted by ransomware attacks than any other type of organization, according to a new study by Barracuda Networks, which looked at 71 global ransomware incidents over the last 12 months.
It found that 44% of global ransomware attacks that have taken place so far in 2020 have been aimed at municipalities, which is virtually the same proportion as in 2019 (45%). Barracuda highlighted the attack on Redcar and Cleveland council’s computer system in the UK, which is believed to have cost the local authority over £10m.
Of the municipalities subjected to ransomware attacks in 2020, 15% have confirmed they have made payments, compared to no ransoms being paid last year.
The analysis also found there has been a significant rise in ransomware attacks against education and healthcare institutions this year compared with 2019 (15% versus 6% and 23% versus 21%, respectively). This suggests cyber-criminals are attempting to take advantage of the disruption caused by COVID-19 on these sectors, such as an increase in digital learning methods at schools and universities and more under pressure healthcare systems.
There has also been rise in ransomware attacks against logistics companies, with six notable incidents observed since July 2019.
Overall, a ransom was paid in 14% of cases, with an average payment of $1652,66.
Fleming Shi, CTO of Barracuda Networks, commented: “The quantity of ransomware attacks facing all types of organizations has been growing rapidly in recent years, having been spurred on by complicated geopolitical circumstances, more recently the coronavirus pandemic, and the fact that ransom payments from corporations and municipalities are becoming more common.
“Combatting this issue requires blocking the threat from the source, using advanced inbound and outbound security techniques that go beyond the traditional gateway. This includes using machine learning-enabled software to close the technical and human error gaps often found in an organization.
“Other techniques such as subscribing to IP blacklists, using advanced firewalls and malware detection, implementing user awareness training and utilizing data backup solutions, are all very effective and strongly advised.”