September 03, 2019

The Rise of Municipal Ransomware

America’s smallest cities and towns stand on the frontlines of cyber warfare.

By Kara Frederick

Last month’s coordinated ransomware attacks against 23 cities in Texas reflect a troubling trend for America’s cities: bad actors are addicted to the payoff. In the 30 years since the first ransomware attack, the digital environment has changed beyond recognition, and it will only continue to mutate—by next year, approximately 30 billion devices will be connected to the Internet, and by 2025, almost 5 billion people will have access to the web. This presents an ever-growing opportunity for cybercriminals to wreak havoc—with local governments frequently in their crosshairs.

In the simplest terms, ransomware is malware that locks up data until the victim pays money to regain access. Established ransomware tactics involve holding a user’s data hostage for a few hundred dollars in Bitcoin. But attackers also make use of new ransomware strains like “Ryuk” and “SamSam” that target and infect entire organizations, and the demands for money increase exponentially. For instance, SamSam’s ransomware extortions average about $50,000 per attack. In August, a “single threat actor” likely compromised a managed-service provider—a company that manages numerous IT systems or services—to conduct attacks against Texas municipalities, demanding a collective 2.5 million dollars. But even after cities pay up, attackers may continue to target them and their insurers.

Read the full article in the Manhattan Institute's City Journal.

More from CNAS

  • Commentary
    • Defense One
    • September 18, 2020
    Esper's Convenient Lie

    Esper’s claim that the two decades of countering violent extremism left the U.S. under-prepared for a near-peer fight doesn’t hold water....

    By Paul Scharre

  • Video
    • September 15, 2020
    Apple announces new products amid Epic fight, plus the latest on TikTok: CNBC After Hours

    As President Trump prepares to review Oracle’s proposal to partner with TikTok, international security experts Kara Frederick and Bobby Chesney explain the national security r...

    By Kara Frederick

  • Podcast
    • September 14, 2020
    Ep. 75: The next big thing(s) in unmanned systems

    This episode, we'll explore emerging trends in unmanned systems. We’ll start in the air, before turning to the land and sea in a review of Russian-made systems and military th...

    By Samuel Bendett

  • Commentary
    • September 10, 2020
    Designing a U.S. Digital Development Strategy

    The digital choices that U.S. allies and partners make today will play a critical role in shaping the future of U.S. national security....

    By Siddharth Mohandas, Kristine Lee, Joshua Fitt & ​Coby Goldberg

View All Reports View All Articles & Multimedia