More than 40 municipalities of all sizes have been victims this year, from the City of Atlanta to dozens of small towns. "The majority have targeted small-town America, figuring that sleepy, cash-strapped local governments are the least likely to have updated their cyberdefenses or backed up their data," Manny Fernandez, David Sanger, and Marina Martinez report for The New York Times.
Attacked city governments have essentially three choices: Reconstruct their systems from scratch, pay an expert to recover the data, or pay the hackers steep ransoms to get their systems unlocked. Communities have proven so willing to pay up that hackers are spending considerable time and effort figuring out ways to make their attacks even sneakier and more precise. Some local governments have purchased cyber insurance; cybersecurity expert Kimberly Goody told the Times she expects hackers will start targeting organizations with insurance, because of the more likely payout.
Beyond the financial fallout and the massive disruption of government, the attacks have serious consequences: "Even when the information is again accessible and the networks restored, there is a loss of confidence in the integrity of systems that handle basic services like water, power, emergency communications and vote counting," the Times reports.
The attacks are unlikely to stop any time soon. "The business model for the ransomware operators for the past several years has proved to be successful," Chris Krebs told the Times. "Years of fine-tuning these attacks have emboldened the actors, and you have seen people pay out — and they are going to continue to pay out." Krebs is the director of the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency, which aids American victims of cyberattacks. Homeland Security urges local governments to back up data and system configurations and keep the copies offline, as well as update their software.