Last month’s coordinated ransomware attacks against 23 cities in Texas reflect a troubling trend for America’s cities: bad actors are addicted to the payoff. In the 30 years since the first ransomware attack, the digital environment has changed beyond recognition, and it will only continue to mutate—by next year, approximately 30 billion devices will be connected to the Internet, and by 2025, almost 5 billion people will have access to the web. This presents an ever-growing opportunity for cybercriminals to wreak havoc—with local governments frequently in their crosshairs.
In the simplest terms, ransomware is malware that locks up data until the victim pays money to regain access. Established ransomware tactics involve holding a user’s data hostage for a few hundred dollars in Bitcoin. But attackers also make use of new ransomware strains like “Ryuk” and “SamSam” that target and infect entire organizations, and the demands for money increase exponentially. For instance, SamSam’s ransomware extortions average about $50,000 per attack. In August, a “single threat actor” likely compromised a managed-service provider—a company that manages numerous IT systems or services—to conduct attacks against Texas municipalities, demanding a collective 2.5 million dollars. But even after cities pay up, attackers may continue to target them and their insurers.
Read the full article in the Manhattan Institute's City Journal.
More from CNAS
Behind China’s Plans to Build AI for the World
To compete with China’s efforts, the United States needs a far more expansive vision of how to empower other nations with the education, tools and infrastructure needed to jum...
By Bill Drexel & Hannah Kelley
U.S.-China Competition and the Race to 6G
China views telecommunications as central to its geopolitical and strategic objectives....
By Sam Howell
Biden Took the First Step With AI Commitments — Now It’s Congress’ Turn
One of the keys to tackling these risks is developing advanced methods to train effective AI systems while maintaining Americans’ privacy....
By Josh Wallin
Time to Act: Building the Technical and Institutional Foundations for AI Assurance
Assurance for AI systems presents unique challenges....
By Josh Wallin & Andrew Reddie