#Privacy: At least 68 US government entities hit by ransomware since January

A report by Emsisoft revealed that the average ransomware demand has continued to increase in 2019. 

In the “State of Ransomware in the U.S: 2019 Report for Q1 to Q3”, it was revealed that at least 621 government entities, organisations within the education sector, and healthcare service providers were struck by ransomware. 

Since the beginning of the year, at least 68 state, county and municipal entities have been impacted by ransomware. One particular attack against the city of Baltimore, resulted in the city refusing to pay the demand of $76,000. Subsequently the attack caused widespread disruption, and it is estimated that the recovery costs are at $18.2 million. 

The report identified that at least 62 incidents of ransomware attacks involved school districts and other educational establishments, all of which have potentially impacted operations at up to 1,051 individual schools, colleges and universities. 

The healthcare sector has increasingly become a popular target for ransomware, as healthcare providers are more likely to pay the ransom as “failure to do so may result in data loss that could potentially put lives at risk,” the report said. Between Q1 to Q3, there were a total of 491 ransomware attacks against healthcare providers. 

It was also discovered that ransom demands are continuing to increase, as threat actors seek to maximise their profits and charge as much as they can. 

Fabian Wosar, Emsisoft CTO, told Infosecurity Magazine: “When we look at absolute numbers in all areas – business, government, and home users – ransomware is on the decline. However, this is mostly due to the fact that ransomware gangs focus on business and government targets these days instead of the large-scale spray-and-pray attacks against home users that were dominant just a few years ago. 

“So, while the pressure on home users went down dramatically, it skyrocketed for those other areas.”


PrivSec Conferences will bring together leading speakers and experts from privacy and security to deliver compelling content via solo presentations, panel discussions, debates, roundtables and workshops.

For more information on upcoming events, visit the website.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.

Privacy Culture: Data Privacy and Information Security Consulting, Culture & Behaviour, Training, and GDPR maturity, covered. https://www.privacyculture.com/