A new wave of ransomware attacks is hitting American and international municipalities; even major towns like Dallas are falling victim to gang activity. The ongoing wave of assaults emphasises how desperately a historically unprepared sector has to deploy effective cybersecurity defences and solutions.
One of the best examples of the trend was when, on November 7, the Play ransomware group threatened to disclose additional details if they did not receive the money they wanted to post information they said they had taken from Dallas County in an alleged ransomware attack. The county gave a cybersecurity update that same day, mentioning an ongoing investigation and cooperation with law enforcement.
"Dallas County is aware of an unauthorized party posting data claimed to be taken from our systems in connection with our recent cybersecurity incident," the update reads. "We are currently in the process of thoroughly reviewing the data in question to determine its authenticity and potential impact.”
Surge in ransomware attacks
Unfortunately, this was not a one-time occurrence. The potential compromise comes just months after the city of Dallas was struck by a different cyberattack that impacted municipal services such as 311 calls, libraries, animal shelters, safety departments, and online payment systems. This was not the first time the attacker, the Royal ransomware organisation, had hit the city.
Another example of the conflict between ransomware groups and governments occurred on September 29 when Rock County, Wisconsin, witnessed a cyberattack against its Public Health Department, crippling its computer systems. The Cuba ransomware gang claimed responsibility for the attack and stated that the stolen data comprised financial papers and tax information.
The trend isn't restricted to the United States: On October 30, 70 towns in Germany were struck by a ransomware outbreak after a service provider was forced to block access to prevent malware propagation. Prior to that, schools in Hungary and Slovakia were targeted by ESXiArgs ransomware. The Florida Supreme Court, Georgia Institute of Technology, and Rice University have all been targeted.
"There is an uptick in ransomware attacks across almost all industries and organization types in the past 12 months," says Erich Kron, security awareness advocate at KnowBe4, "with record-breaking amounts of ransomware attacks, financial impact from ransomware, and a variety of ransomware-enabling tools and ransomware-as-a-service (RaaS) providers on the market."
According to a Sophos study on ransomware attacks, "the rate of ransomware attacks in state and local government has increased from 58% to 69% year on year, contrary to the global cross-sector trend, which has remained constant at 66% in our 2023 and 2022 surveys."
However, since the potential of ransomware attacks on municipalities remains significant, security safeguards for these targets remain limited.