The 麻豆视频鈥檚 School of Information, in collaboration with , has published an analysis of reported ransomware attacks in , that shows the majority of victims were government organizations. The report is first in a continuing series on cybersecurity topics to be published by Cyber Florida and researchers at various State University System of Florida (SUS) institutions.
In this instance, the report found that of the 18 ransomware incidents its authors reviewed, 14 targeted municipalities, counties, and other public services, and 11 of those took place in 2019, reflecting a surge in ransomware attacks targeting civic institutions across the nation in 2019. According to USF School of Information Clinical Professor of Information Security & Intelligence and Cyber Florida Executive Director Mike McConnell, VADM, USN, Ret., former director of U.S. National Intelligence and the National Security Agency, 鈥淐ybercriminals began targeting cities, school districts, and similar public services in earnest in 2019, with significant increases in the frequency of attacks and the amount demanded. These organizations are targeted because in part because the services they provide are so vital to citizens, making them even more vulnerable to cyber-based 鈥榮hutdowns鈥 for ransom, but we hope reports like this will provide government leaders with greater insight into how they can prevent or mitigate these kinds of attacks.鈥
The analysis was led by Ryan Haggard, a graduate student in the M.S. in Intelligence Studies (MSIS) program in the USF School of Information, under the supervision of Dr. Steve 鈥淪cuba鈥 Gary, Associate Professor of Practice, and relies on publicly available information and reflects their personal views. Some key takeaways from the report include:
- Public sector organizations comprised 78% of ransomware victims between 2016 and 2019
- 50% of Florida organizations refused to pay cyber-related ransoms
- 22.2% of Florida organizations agreed to pay the requested amount
- In 27.8% of cases, the outcome was not publicly reported
The report includes an in-depth analysis of the targets, the suspected perpetrators, and the tactics used to infiltrate systems and conduct the attacks. The information gathered is useful for ransomware researchers and security analysts looking for patterns and commonalities among targets and tactics to aid in preventing future attacks.