Posted on July 13, 2019 at 6:58 PM

U.S. Mayors Stand United: Saying ‘No’ to Hackers’ Ransom Demands

Hacking attacks have been becoming bolder, larger, more sophisticated, and more dangerous with every passing year. After targeting individuals, companies, and even governments, hackers now appear to be making more attacks on cities than ever, particularly in the US.

However, the US Conference of Mayors decided not to give in. Instead, it passed a resolution that calls on US towns and cities to refuse to pay, even if their systems end up being under hackers’ control. The initiative was sponsored by the mayor of Baltimore, Jack Young. Young’s city suffered a massive cyber attack earlier this year, in May. Hackers were pressuring him to pay $76,000 in cryptocurrencies, but Young refused.

Young believes that paying ransoms will only show that cities are willing to allow such illegal behavior, which must not be encouraged in any way. The situation is already bad enough, since attacks against local and state governments have been on a sharp increase in the last year. Not to mention the fact that there were ransomware attacks on more than 170 city, county, or state government systems between 2013 and 2019.

The new measure against ransom payments was co-sponsored by Carolyn Goodman, the mayor of Las Vegas. Goodman admitted that her city did not suffer from successful cyber attacks. However, that does not mean that there is no danger, as there are at least 250,000 attempts to access the city’s systems per month. She also expressed worry about some cities’ willingness to pay the ransom, stating that doing so would show hackers that they are willing victims. After that, hackers would simply keep coming back.

A lot of cities that were hit by hackers refused to pay, such as Atlanta, which was also attacked earlier this year. However, there are also many that did pay, including Florida’s Lake City, which recently paid 42 BTC, which is around $460,000 after being hit by malware attack ‘Triple Threat.’ Another case of a city that did decide to pay, also located in Florida, is Riviera Beach, which decided to pay 65 BTC, or $600,000 to hackers that took over the city’s computers, paralyzing them in the process.

Data breaches dropping, but the financial impact of attacks surges

Another recent report, published by the Internet Society’s OTA (Online Trust Alliance) claims that the total number of ransomware attacks was significantly lower in 2018, after which it started rising in the last few months of the year, and the first half of 2019. Local governments appear to be the best targets, as they use outdated technology, with old software that did not receive any updates in a long time.

Ransomware financial impact rose by around 60%, losses from BEC (Business Email Compromise) grew double in number, while cryptojacking tripled. All of this comes despite the fact that the total number of breaches and exposed records dropped in 2018. With all of that in mind, experts believe that online criminals are becoming more skilled in monetizing their activities. As a result, around two million cyber attacks recorded in 2018 resulted in a $45 billion-large losses. These are, of course, only OTA estimates, with the actual numbers possibly being quite higher.

OTA’s technical director, Jeff Wilbur, called the situation grim. Cybercrime’s financial impact is up significantly, according to him, which is why the number of incidents and the height of the financial impact is higher than ever, despite fewer data breaches.

OTA’s report also points out that some of the major trends include cryptojacking, deceptive emails, attacks via third parties, cloud issues, and more. However, the report also insists that most of the attacks (95%) could have been avoided with a simple and common-sense approach to improving security. Hackers do not have a new weapon in their arsenal, but instead — they simply rely on the lack of awareness, knowledge, and responsibility when it comes to keeping systems secure.