Ransomware attacks on the rise

An upstate New York school district delayed the start of the school year on Wednesday after a ransomware attack hampered its operations. The Orange County school district joins an unhappy parade of municipalities that have fallen victim to hackers. 

Two Long Island school districts were hit by ransomware earlier this summer. Last month, nearly two dozen cities in Texas fell victim to what has been called a “coordinated” attack.

In the first half of the year, more than 50 cities or towns were the victims of ransomware attacks this year, according to a recent report from Barracuda, a cybersecurity firm. Indeed, two-thirds of more than 70 ransomware attacks tracked in the U.S. focused on local or state governments, according to the report. 

“Local, county, and state governments have all been targets, including schools, libraries, courts, and other entities,” it found.

Smaller locations are at particular risk. Nearly half of the municipalities attacked had between 15,000 and 50,000 residents. A quarter had fewer than 15,000 residents, Barracuda said, noting that “smaller towns are often more vulnerable because they lack the technology or resources to protect against ransomware attacks.”

The average ransom payout in the second quarter of this year was $36,295, according to a report by Coveware. That’s nearly triple the average payment in the prior quarter. In the third quarter of 2018, when Coveware first started tracking payments, the average was $5,973.

Ransomware attacks have been on the rise in recent years because of how profitable they can be for attackers — and smaller cities are an attractive target. In addition to lacking resources, cities are often dealing with taxpayer money and so may elect to pay a ransom rather than try to recover their data in another way, said Wendi Whitmore, vice president of X-Force Threat Intelligence at IBM Security.

“We are definitely seeing more, and we see them because attackers see that they’re successful,” said Whitmore. 

“A lot of times we have clients think it’s a one-time cost,” she added. But “If you pay the ransom, you still have to fix the [security] problem so the same thing doesn’t happen tomorrow.”