Local governments biggest target of ransomware attacks in 2020

Barracuda research shows 44 percent of all ransomware attacks are aimed at municipalities

Posted 28 August 2020 by Christine Horton

Local government bodies are the most likely target for ransomware attacks, according to new threat spotlight research from Barracuda Networks

The research, which identified and analysed 71 global ransomware incidents in the last 12 months, found that 44 percent of all observed ransomware attacks in 2020 have been aimed at municipalities.

Fleming Shi, CTO for Barracuda Networks said attacks have been growing rapidly in recent years. They have been spurred on “by complicated geopolitical circumstances, more recently the coronavirus pandemic, and the fact that ransom payments from corporations and municipalities are becoming more common.”

Worryingly, researchers also observed that ransomware attacks facing education and healthcare institutions are on the rise, in a malicious attempt to capitalise on the coronavirus pandemic.

In fact, the percentage of ransomware attacks facing education institutions has more than doubled from six percent to 15 percent between 2019 and 2020. Healthcare has seen a two percent increase in ransomware attacks, rising from 21 percent of all recorded global attacks in 2019 to 23 percent in 2020.

Making payments

Of the cases studied, 14 percent were confirmed to have paid the ransom, and the average payment was $1,652,66 (roughly £1,260,000).

What’s more, a full 15 percent of the municipalities are confirmed to have made ransomware payments, which is a significant change compared to last year, when almost no local governments paid any ransom. In one prolific example, a ransomware attack on Redcar and Cleveland council’s computer system in the UK, reportedly cost the local authority £10.4 million.

“Combatting this issue requires blocking the threat from the source, using advanced inbound and outbound security techniques that go beyond the traditional gateway,” said Shi. “This includes using machine-learning enabled software to close the technical and human error gaps often found in an organisation.

“Other techniques such as subscribing to IP blacklists, using advanced firewalls and malware detection, implementing user-awareness training, and utilising data backup solutions, are all very effective and strongly advised.”