Deloitte: 8 things municipal governments can do about ransomware

lead centered=”no”Deloitte researchers explain why state and local governments are favored for ransomware attacks and how they can protect themselves with limited resources./lead

The IT systems of the City of Durham and Durham County in North Carolina have been shuttered since a successful ransomware attack struck the municipalities on the evening of March 6. Although details are still sketchy, the North Carolina Bureau of Investigation indicated the attackers used Russian-made malware known as Ryuk.

Durham joins a growing list of local governments grappling with the latest security scourge sweeping the country: ransomware attacks against poorly fortified local government systems that are ill-prepared to recover from these assaults. Municipal governments like Durham are attractive targets for ransomware attackers as more governments are being held hostage more frequently and for more money, according to a new report released today by Deloitte’s Center for Government Insights that examines trends in ransomware attacks on state and local governments.

According to the report, in 2019 governments reported 163 ransomware attacks, a nearly 150% increase from 2018, with more than $1.8 million in ransoms paid and tens of millions of dollars spent on recovery costs. Tight budgets, a growing attack surface and inadequate cybersecurity talent are the top reasons that cities struggle with the attacks, the report said.

This article appeared in CSO Online. To read the rest of the article please visit here.