Cities have been falling prey to ransomware attacks at a growing rate. From the Atlanta, Georgia attack in 2018 that lasted weeks, to the Baltimore, Maryland attack that took the city offline, hackers are systematically targeting city governments. There are several characteristics that make governments lucrative. These complicated and consistently underfunded systems are often years behind on the technology front. It is unlikely that the computers in the networks will be updated or that they will be actively monitored to detect threats. It is also likely that the cities do not have adequate backups of their data, preventing them from being able to easily restore their network functions after a ransomware attack. And, knowing how delinquent the technology is, paying a ransom to restore systems will be vastly cheaper than rebuilding and updating a network from scratch.

All of these traits make city governments a lucrative target for hackers. And hackers have been taking note. However, not all cities agree to pay the ransom. Baltimore, for instance, followed the advice of the FBI and chose to not pay a ransom of over $75,000 to restore their systems. The main reasons were that there was no guarantee of restoration once the ransom was paid, and that the money paid in ransom would not actually be helping the city improve – it would merely be a precursor to all the money they would have to pay to update and improve their cybersecurity anyway.

Indeed, mayor Bernard Young of Baltimore estimated that the attack would cost the city $10 million, in addition to an estimated $8 million lost while the city was offline. This figure could rise as Baltimore continues to pay for cybersecurity experts to improve their systems and defenses.

A ransom of $75K may seem reasonable next to a cost of $18 million, but recently the US Conference of Mayors adopted a resolution to no longer pay ransom demands to alleviate ransomware infections. The Conference of Mayors includes over 1,400 mayors from across the US, all representing cities with a population of over 30,000.

The conference noted that 22 ransomware attacks on city or state governments had already happened in 2019 alone. Many of them are successful in extracting a payment from cities. Two Florida cities paid a combined $1 million to hackers for decryption keys to unlock their data. However, even after a successful decryption, cities have to go through a rigorous rebuilding process to prevent further attacks, and this almost always costs more than the initial ransom. For that reason, many experts advise against giving any of that money to the hackers.

The Conference of Mayors stated that “Paying ransomware attackers encourages continued attacks on other government systems, as perpetrators financially benefit. The Unites States Conference of Mayors has a vested interest in de-incentivizing these attacks to prevent further harm.”