
Government ransomware attacks staying static, says Comparitech

Even when ransomware attacks decline, government agencies aren’t getting a break.

There hasn’t been a cyberattack on government agencies every day this year—it’s been more like every three days.

According to recent Q1 data from the research firm Comparitech, 2024’s cyber shakedowns are decreasing compared to the same quarter last year. One number holding steady, however? Attacks against the public sector.

“The government attacks seem to be staying pretty static and not going down,” Paul Bischoff, Comparitech editor, told IT Brew.

Ransomware in action. The group counted a total of 154 attacks as of March 2024, according to its collection of reports, news, and cybersecurity databases. The triple-digit figure, though likely depressing to security pros, is actually a significant decline from Comparitech’s Q1 number from last year: 337 attacks.

Government agencies made up 36 of 2024’s 154 first-quarter targets, which also included the business, education, and healthcare sectors. Comparitech’s numbers for government agency attacks in 2023 totaled 202 for the year and 50 in its first quarter. In other words: Ransomware is down overall since last year, just not if you’re in the public sector.

The average ransom amount for government facilities in 2023, according to Comparitech: $831,125.

Why so down? The FBI’s annual Internet Crime Report noted that, in 2023, the agency received 156 complaints from government facilities impacted by ransomware.

Attacks in 2024 demonstrated the disruptive effect of cyberattacks on government groups:

  • NBC reported a cyberstrike on a computer-aided emergency dispatch system in Bucks County.
  • According to a CNN report in January, a cybersecurity incident in Fulton County, Georgia led to an IT outage impacting phone, tax, and court-management systems.
  • In January, BleepingComputer detailed a ransomware attack on the Kansas City Area Transportation Authority (KCATA), impacting transit communications.

“In some cases, government facilities may be able to restore lost data using backups; other times, they may pay the ransom amounts or go through the costly effort of rebuilding systems,” Bischoff wrote.

“These are often underfunded agencies. They don’t have a ton of money to hire full-time professional IT staff, or at least not as much as they would like to,” Bischoff told IT Brew.

A 2023 “Local Government Cybersecurity National Survey,” conducted by Public Technology Institute, found that just 36% of local IT executives “feel that their budget is adequate to support cybersecurity initiatives.”

Under pressure. Nathan Fisher, managing director at the professional-services firm StoneTurn and former FBI agent, has seen government IT up close. Many public sector agencies provide critical services that maintain societal stability, and there is often a greater sense of urgency and danger to the public, he said, when a government office is compromised.

“Threat actors recognize this and trust this will further pressure the victim agency to pay the extortion demands,” Fisher shared with IT Brew in an email.

“I think our defenses are getting better, and our awareness of the problem is getting better. People are being trained on how to spot phishing emails more often now. But that training may not exist in every government agency,” Bischoff told IT Brew.
