As of last week, Huber Heights, Ohio, with a population of 45,000 was still reeling from a ransomware attack that had taken place a few weeks earlier. According to an article in the Dayton News, it was still unclear precisely what information had been illicitly stolen from the community’s computers.

This incident has become all too familiar. “Hackers continue to relentlessly attack local governments, looking for any weaknesses to exploit, reported the National League of Cities on November 29th. The scope of the problem was graphically illustrated in an August 2023 study by Sophos, which stated that “the rate of ransomware attacks in state and local government has increased from 58% to 69% year over year, contrary to the global cross-sector trend, which has remained constant at 66% in our 2023 and 2022 surveys.” 

The Sophos research pointed to another alarming statistic: “The proportion of state and local government organizations paying higher ransoms has increased from our 2022 study, with over a quarter of organizations (28%) reporting payments of $1 million or more compared to 5% (with rounding) the year prior. Conversely, 60% paid less than $100,000, down from 90% in last year’s report.”

We bring this up right now thanks to an excellent article in the December 8 edition of the newsletter, Dark Reading (which focuses on cybersecurity issues) that reported that “Municipalities in the United States, and globally are experiencing a fresh wave of ransomware attacks, with even big cities like Dallas falling to the gangs’ activities. As this string of cyberattacks continues, it highlights how a historically unprepared sector remains in desperate need of implementing viable cybersecurity defenses and solution.”

Based on conversations we’ve had over the course of time, municipalities – particularly smaller ones – are particularly vulnerable to these attacks as they frequently don’t have sufficient staff or funds to effectively fight them off. That’s not going to change anytime soon. And neither are the ransomware attacks.

#StateandLocalGovernmentCybersecurity #StateandLocalRansomware #NationalLeagueofCities #AcceleratingRansomwareAttacks #StateandLocalGovernmentRiskManagement #CityRansomwarePayment #Sophos #B&GWeeklyManagementSelection #DedicatedtoStateandLocalGovernement #StateandLocalGovernmentManagement #StateandLocalGovernmentPerformance