A report by the malware lab Emsisoft revealed a strong decline in successful ransomware attacks between January and April 2020 in the US public sector amidst the COVID-19 crisis, as researchers have recently noticed that trend reversing, with incidents now starting to increase.
It has been reported by Emsisoft that the figures show a decline in comparison to the 966 targeted establishments that were successfully attacked at the cost of $7.5 billion.
However, during the Q1 and Q2 2019, just 128 federal and state entities, healthcare providers, and educational districts were attacked by ransomware gangs.
The report highlights that the lab is starting to notice a bearish reversal, in part due to the lifting of restrictions and employees returning to the offices.
Brett Callow, the threat analyst at Emsisoft, said:
“The US must find a way to improve security in the public sector. In 2019, all but one of the 966 successful attacks on the public sector were simply expensive and disruptive encryption events but, in 2020, many will also be data breaches. At least five government entities and three universities have already had data stolen and published this year, and it’s inevitable that they will not be the last.“
Likewise, Fabian Wosar, the CTO of Emsisoft, also warned:
“2020 need not be a repeat of 2019. Proper levels of investment in people, processes and IT would result in significantly fewer ransomware incidents and those incidents which did occur would be less severe, less disruptive and less costly.”
Thus, the study states that since November 2019, a steadily increasing number of groups, including DoppelPaymer, REvil, and NetWalker are stealing data as a precursor to encryption within the US public sector.