Ransomware Attacks on Government Agencies Tripled in Past Year

businessman hand ho, ... ]

businessman hand ho, ... ] Nicescene/Shutterstock.com

About 4 percent of government agencies have been exposed to Nymaim, a ransomware strain, and 3 percent to Locky.

Ransomware attacks on government agencies around the world have tripled in the past year, a new report finds.

Government entities are second most likely to be targeted by ransomware attacks, following only the education sector, an analysis from cybersecurity ratings company BitSight concluded. Ransomware is a type of malware that blocks users from accessing their own data until they pay the attacker.

The report, which canvassed almost 19,000 organizations in the finance, health care, education, energy, retail and government sectors, found about 4 percent of government agencies had been exposed to Nymaim, and 3 percent to Locky, both ransomware strains. Of all industries, government had the second lowest security rating, as well as the highest ransomware attack rate.

» Get the best federal technology news and ideas delivered right to your inbox. Sign up here.

Locky is a variant that has been infecting health care facilities and other large organizations, not only in the United States but also in New Zealand and Germany, according to a U.S. Computer Emergency Readiness Team alert from the spring

Ransomware has been garnering more attention recently. Last year, a series of hospitals fell victim to the attacks; one, the Hollywood Presbyterian Medical Center, paid the $17,000 ransom to unlock critical medical information. The FBI has embarked on a nationwide education campaign to help organizations prevent ransomware attacks, and earlier this month, the Federal Trade Commission hosted a workshop series related to ransomware.

The FBI has noticed an uptick in ransomware the past few months, Stacy Stevens, an FBI cyber unit chief, said during an event in Washington last month.

Stevens, who recommended not paying the ransom, said attackers are getting smarter. While they used to unlock the victim's data once ransom was paid, now, "when you pay the ransom, that criminal thinks this information is very important to them ... We see these folks getting a little bit more ... aggressive and sometimes, they won't even give you your stuff back."

US-CERT has recommended backing up data frequently, updating software to get the latest security patches, and not following unsolicited links in emails to prevent these attacks.