Smart Cities News | 12 Jul 2019 | by SmartCitiesWorld news team
As research finds ransomware attacks against governments on the rise, the US Conference of Mayors has passed a resolution calling on cities not to pay assailants after cyber-attacks.
Baltimore is one of the cities that refused to pay a ransom after a cyber-attack
The US Conference of Mayors has passed a resolution that calls on cities not to pay the ransom from a cyber-attack. It was sponsored by Jack Young, mayor of Baltimore, whose city suffered a crippling attack in May and which refused to pay around $76,000 in bitcoin to hackers.
It comes at a time when ransomware attacks against state and local governments in 2018 and early 2019 are on the increase, finds a new report. Meanwhile, according to the resolution, at least 170 county, city or state government systems have experienced a ransomware attack since 2013.
Sending a message to hackers
Mayor Young said in a statement that “paying ransoms only gives incentive for more people to engage in this type of illegal behaviour”.
The measure was co-sponsored by Las Vegas mayor, Carolyn Goodman, who was quoted in the Wall Street Journal as saying that while her city hadn’t been hit by ransomware, her IT director warns that a quarter-million attempts at illegal access to city systems are made each month.
She said she worries that funding hackers shows cities are “a willing victim”: “And there’s no end, because everything is going to develop to be more sophisticated,” she said.
Atlanta also refused to pay following its cyber-attack earlier this year, but some cities have paid up. The City of Lake City in Florida, US, recently agreed to pay 42 bitcoin (around $460,000/€408,000) in ransom, following a malware attack known as a ‘Triple Threat’, and in June leaders of Riviera Beach, Florida, voted to pay almost $600,000 (€532,000/65 bitcoin) in ransom to hackers who had paralysed the city’s computer systems.
A new report from the Internet Society’s Online Trust Alliance (OTA) noted that, while the total number of ransomware attacks was down in 2018, there was a troubling rise in reported ransomware attacks against state and local governments in 2018 and early 2019.
The OTA said that local governments are particularly vulnerable given that they often rely on outdated technology and are running old software and operating systems.
Overall financial impact
Across all respondents in the sample, the Cyber Incident & Breach Trends Report found the financial impact of ransomware rose by 60 per cent, losses from business email compromise (BEC) doubled, and cryptojacking incidents more than tripled, all despite the fact that overall breaches and exposed records were down in 2018.
The data shows that cyber-criminals are getting better at monetising their activities, with OTA estimating the more than two million cyber incidents in 2018 resulted in over $45 billion in losses, with the actual numbers expected to be much higher as many cyber incidents are never reported.
“While it’s tempting to celebrate a decreasing number of breaches overall, the findings of our report are grim,” said Jeff Wilbur, technical director of the Internet Society’s Online Trust Alliance.
“The financial impact of cyber-crime is up significantly and cyber criminals are becoming more skilled at profiting from their attacks. So, while there may be fewer data breaches, the number of cyber incidents and their financial impact is far greater than we’ve seen in the past.”
Among the other trends in the report are:
- the rise of cryptojacking: this is due to the increasing prevalence of cryptocurrencies. Cryptojacking is aimed at hijacking devices to harness computer power at scale to efficiently mine cryptocurrency;
- deceptive email: though well-known as an attack vector, business email compromise doubled in 2018, resulting in $1.3 billion in losses as employees were deceived into sending funds or gift cards to attackers who use email to impersonate vendors or executives;
- attacks via third parties: these include supply chain attacks and are where attackers infiltrate via third-party website content, vendors’ software or third-parties’ credentials. The most notable 2018 attack was Magecart, which infected the payment forms on more than 6,400 e-commerce sites worldwide;
- issues in the cloud: 2018 brought a rash of sensitive data being left open to the Internet due to misconfigured cloud services and the report noted that one common problem with cloud computing isn’t even a true “attack”, but user error.
OTA calculated that in 2018, 95 per cent of all breaches could have been avoided through simple and common-sense approaches to improving security. The report provides a checklist.
“Our report findings indicate that cyber criminals are using their infiltration ability to focus on new, more lucrative attacks,” continued Wilbur. “Staying up-to-date on the latest security safeguards and best practices is crucial to preventing attacks in the future.”