Security News > 2020 > March > Local governments: Don't pay ransoms to hackers

A new report from the Deloitte Center for Government Insights surveyed ransomware attacks on local governments throughout 2019 and lays out a few tips for those faced with the tough decision of whether to pay ransoms or not.

The crucial question for most local governments is whether to pay, and while it may seem like the massive cost differences between thousand-dollar ransom payments and million-dollar recovery efforts is steep, the report suggests local governments hold the fort and refrain from paying cybercriminals.

The study notes that the federal government also urges local governments never to pay ransoms but a number of towns have ignored this advice, looking at the millions cities are being forced to pay for recovery and opting to shell out the relatively meager $50,000 to $100,000.

Local governments should also share information with each other about best practices and solutions that may work for them, according to the study, which noted that the federal government currently has no legal requirement for local municipalities to report ransomware attacks.

"Connected devices, digital systems and integrated data mean governments have the opportunity to serve people and communities like never before," said Deborah Golden, cyber risk services leader at Deloitte & Touche LLP. "It also means there is a large surface for cyber criminals to attack local governments and hold sensitive citizen data hostage. Government officials need to understand the risk involved if their systems and data were suddenly gone or rendered useless."

News URL

https://www.techrepublic.com/article/local-governments-dont-pay-ransoms-to-hackers/#ftag=RSS56d97e7