174 cities worldwide were infected with ransomware throughout 2019

Cybersecurity firm Kaspersky has released its annual report on ransowmare attacks worldwide in 2019. According to the report, based on publicly available statistics, public organizations in at least 174 different cities around the world were victims of ransomware attacks.

This represents an increase of around 60% in the number of affected cities recorded in 2018. The report also mentions that the ransoms demanded by threat actors can range from $5k USD to $5 million USD. It should be mentioned that the bigger the ransom demanded, the more complications ransomware victims faced, especially when they are small organizations.

One of the aspects discussed in this work is the role that cybersecurity teams of affected organizations play during the incident response, which in conjunction with the not-so-recent policies against cybersecurity incidents have changed in some measure the approach taken by companies in combating ransomware, as well as the costs of recovering an attack have been modified.

However, the most decisive factor for the costs of a ransomware infection is the decision whether or not to pay the ransom. A clear example is the city of Baltimore, in the US. A few months ago the city suffered an encryption malware infection and, after refusing to pay a ransom of a few hundred thousand dollars, the city government began its recovery process, which was implemented with multiple failures, which elevated the recovery costs to $18 million.

Attack scenarios also vary depending on the affected city. One of the main scenarios relates to the use of remote access to a system without proper protections, although the most important figures still belong to two factors: social engineering campaigns and unauthorized access to software without update, cybersecurity experts say.

In addition to local governments, one of the new favorite targets of threat actors is hospitals and other medical services organizations. According to the International Institute of Cyber Security (IICS), more than 7% of ransomware attacks recorded globally in 2019 occurred in public and private health care organizations.