While paying a ransom in cyberattacks may be a viable strategy, local governments are going to have to answer to taxpayers should the choose that option, according to an IBM Security and Morning Consult survey.
The survey, which was based on 2,200 responses from US citizens in cities, found that nearly 60% of respondents said they are against their local governments using tax dollars to pay ransoms.
- Cybercrime: Ransomware attacks have more than doubled this year
- Over 20 Texas local governments hit in 'coordinated ransomware attack'
- Ransomware gang wanted $5.3 million from US city, but they only offered $400,000
Cities have opted to pay up to get out of ransomware attacks largely due to recovery costs and services being sidelined. However, paying ransom also encourages more bad behavior. The practice has been controversial, but research firms such as Forrester say paying ransom should be considered as an option based on costs to recover.
Lake City and Riviera City in Florida saw paying ransomware as viable. So did Jackson City, GA. A report by US cyber-security firm Recorded Future published in May highlighted a spike in ransomware attacks targeting US cities. Previous victims include Lynn, Massachusetts, Cartersville, Georgia, and Baltimore, Maryland, just to name a few.
While taxpayers are against paying a ransom in cyberattacks, they aren't for spending more money on protection either. Key findings:
- More than 60% of respondents prefer their city to deal with larger recovery costs than use tax dollars on ransom.
- 75% of respondents were concerned about ransomware and how it affects their personal data.
- 90% of respondents are in favor of increasing federal funding to improve city cybersecurity.