In 2019, government organizations were the intended targets of nearly two-thirds of all known ransomware attacks in the United States. While many of these events go unreported, at least 70 state and local governments are known to have been attacked last year alone, representing a notable uptick from prior years. Ransomware attacks generally take the form of hackers obtaining access to a network and deploying malware to encrypt the victim’s data; they then charge a ransom in order for the victim to regain access to their data.
These attacks can bring government operations to a standstill, and result in costs to the municipality that range from tens of thousands to tens of millions of dollars to return to full capacity. It is estimated that between April and June of 2019, government victims of ransomware attacks paid an average ransom of over $300,000. However, even when the financial demands were met, the hackers did not always remit control, and the integrity of the system remained compromised.