Emsisoft published The State of Ransomware in the US: Report and Statistics 2019, which details ransomware attacks against government agencies, educational establishments, and healthcare providers in 2019, and highlights insights and recommendations to reduce successful attacks against these entities in the coming new year. Below are some key takeaways:
In 2019, ransomware attacks impacted at least 948 government agencies, educational establishments, and healthcare providers.
Total cost of ransomware attacks in 2019 potentially exceed $7.5 billion.
Disruptions caused by ransomware incidents put public health, safety, and lives at risk.
The average ransomware incident reportedly costs $8.1 million and 287 days to fully recover.
Ransomware incidents in 2019 increased sharply due to organizations’ existing security weaknesses and the development of increasingly sophisticated attack tactics.
In some cases, governments failed to implement even the most basic of IT best practices, such as failing to have a backup mechanism in place.
Recommended initiatives include improving security standards and oversight, increasing guidance, investing more in IT security, closing the intelligence gap, having better public-private sector cooperation, implementing legislative restrictions on ransom payments, and encouraging more vendor and service provider action.
Ransomware incidents are predicted to increase in both sophistication and frequency with the possibility of data exfiltration for leverage.