- State and local governments confronted a spike in ransomware attacks during 2021, with nearly 6 in 10 organizations getting hit, up from one-third in 2020, according to Sophos research released Wednesday.
- Almost three-quarters of state and local government organizations attacked by ransomware last year had their data encrypted during the attack. Just 1 in 5 of those organizations successfully stopped the ransomware attack before data encryption occurred, the report said.
- While the rate of ransomware attacks on local and state government organizations was lower than the combined average across all sectors, post-attack encryption rates were among the highest at more than 7 in 10.
There’s a stark difference between state and local governments’ experiences with ransomware and those of organizations in other sectors.
Government organizations are more reluctant to pay ransoms, with about 3 in 10 reporting a ransom was paid to restore encrypted data, compared to almost half of all other organizations combined, according to Sophos. The average ransom payment for government organizations was $213,000, less than one-third of the global average.
Government organizations that had data encrypted after an attack were less likely to have backups at the ready than the global average across all sectors. About 6 in 10 of these government organizations had backups compared to the 7 in 10 average, the study concluded.
The ongoing challenges in state and local government cybersecurity signify the extent to which additional funding, training and support are required, according to Chester Wisniewski, principal research scientist at Sophos.
“Security is not something you buy, rather it is something you do and it must be done continuously if we want to see meaningful improvement,” Wisniewski said in a statement.
The survey was commissioned by Sophos and conducted by research firm Vanson Bourne in January and February 2022. It included responses from 5,600 IT professionals, including almost 200 in state and local government.