Mayors in the United States have collectively declared that they’ll no longer meet attackers’ ransom demands in connection to a digital security event.
At its 87th annual meeting, the U.S. Conference of Mayors approved a resolution entitled, “Opposing Payment To Ransomeware Attack Perpetrators.” This decree makes clear that the Conference, the official non-partisan organization of cities with populations of at least 30,000 people, will no longer work with attackers in the event of a ransomware infection. As quoted in the passed motion:
…[P]aying ransomware attackers encourages continued attacks on other government systems, as perpetrators financially benefit[.]… [T]he United States Conference of Mayors has a vested interest in de-incentivizing these attacks to prevent further harm[.] [N]ow, therefore, be it resolved, that the United States Conference of Mayors stands united against paying ransoms in the event of an IT security breach.
In its resolution, the U.S. Conference of Mayors notes that at least 170 county, city and state governments have suffered a ransomware attack since 2013. Twenty-two of those infections occurred in 2019 alone, and in some cases, government officials agreed to meet the attackers’ demands. As an example, two cities in Florida paid $1.1 million between them in June in order to recover their files from ransomware attackers.
These incidents come at a time when digital attacks against U.S. local governments are on the rise. In May 2019, Recorded Future published a report in which it noted how ransomware attacks affecting local governments had increased from 46 in 2016 to 53 in 2018. The threat intelligence provider found that most of these attacks were campaigns of opportunity and not targeted in nature.
Acknowledging these findings, local governments should endeavor to protect themselves against ransomware attackers. They can begin by following these tips to prevent an infection in the first place. From there, they should aim to defend their critical assets against known threats and zero-day attacks using a sophisticated solution like Tripwire Malware Detection.