Threat from the dark: ransoming local governments

RESEARCH // 2020

  • Since the beginning of 2020, U.S. state bodies at various levels have been attacked by ransomware at least 93 times in 68% of states.
  • 42% of attacks occurred in the battleground states* of the upcoming U.S. presidential elections.
  • Government authorities of Texas were the most exposed to ransomware attacks (13% of all attacks).
  • More than half (55%) of all ransomware attacks occurred in the first quarter of 2020, and most often U.S. state bodies were attacked in January (24%), February (23%), and May (16%).
  • More than half of the attacks (54%) occurred at the city level, almost a third (28%) at the county level, and 18% of the attacks affected the entire state.

* Battleground states (or swing states) are defined as states of the U.S. in which the Democratic and Republican candidates both have a good chance of winning and that is considered key to the outcome of a presidential election. The list of battleground states is based on the research by the Cook Political Report “‎2020 Electoral College Ratings”‎.

Executive summary
Clicking the «Send» button you confirm you agree with our privacy policy.
Please fill in the form. The report will be sent to the specified e-mail.
Чтобы скачать отчет, пожалуйста, заполните форму. Отчет будет направлен на указанный адрес электронной почты.
Clicking the «Send» button you confirm you agree with our privacy policy.
Please fill in the form. The report will be sent to the specified e-mail.
Over the years ransomware has been a particularly harmful issue for the cybersecurity world. It infects and prevents access to thousands of devices and files, and requires users to pay a ransom if they want to regain access to their important information.

However, the basic principles of ransomware remain the same: hackers gain access to a computer system, and once they enter, they use malware to lock the data behind complex encryption; in order to regain access to this data, the victim must pay ransoms ranging from a few hundred dollars to millions of dollars. With the rapid growth of connected devices and digital systems, government services from public security to education are increasingly managed through digital solutions.

The threat posed by ransomware and cyber attacks has not been ignored by government employees. The latest survey conducted by Harris Poll on behalf of IBM found that 73% of government employees are worried about the imminent threat of ransomware in cities across the United States. In addition, nearly 50% of people expect that attacks in the community will increase in 2021, and 66% of all employees who are worried about cyber attacks may sabotage the 2020 election.

However, governments may find themselves vulnerable because they try to keep pace with the development of cybersecurity, usually on an increasingly outdated system. Fragile networks, critical citizen services and paid ransoms will form a positive feedback loop, and successful ransomware attacks will encourage more and more attacks to demand more money. In this case, governments often face a dilemma: to pay ransoms that may exacerbate attacks and other illegal activities, or to bear the huge cost of losing data needed to provide public goods and services.

Unfortunately, there is no panacea for ransomware. Prevention requires hard work building new tools, new policies, and new methods of network security. In view of the recent incidents and the fact that the threat is still actively developing, new viruses have been established and targeted at different industries, we decided the ransomware landscape in U. S state bodies deserves a closer look.
On the morning of May 12, 2017, within a day, WannaCry ransomware spread all over the world, infecting more than 230,000 computer systems in 150 countries and regions, causing financial losses of approximately $ 4 billion. This was the most violent self-propagating malware since 2003, when the Slammer worm infected most of the victims within an hour. WannaCry also caused widespread service interruptions by the National Health Service in the UK. As hospitals and clinics were forced to offline, approximately 20,000 appointments were cancelled. According to Lloyd’s of London, such major global cyberattack can cause an average from $ 4.6 billion to $ 53 billion in economic losses, which is comparable to catastrophic natural disasters such as the U.S. Superstorm Sandy in 2012.

Ransomware is a type of malware or malicious software that prevents you from accessing computer files, systems or networks, and requires you to pay a ransom in return. Ransomware attacks can cause costly operational disruptions and loss of critical information and data. One can unknowingly download ransomware by opening phishing email attachments, clicking ads, clicking links, or even visiting websites with embedded malware. After the code is loaded on the computer, it will lock access to the computer itself or the data and files stored in it. The more threatening version can encrypt local drives, connected drives and even files and folders on network computers. In most cases, you do not know that your computer is infected. Usually, one will find it when the data cannot be accessed or when the computer shows a message informing about the attack and demanding a ransom.

Due to relatively low barriers to entry, ease of use and anonymity of payouts, the number of ransomware attacks is strongly increasing all around the world. In 2017 Cybersecurity Ventures predicted the 15-fold increase in just 2 years from $ 325 million to $ 5 billion in 2017. Today estimations climbed much higher and reached the 57-fold higher number of global ransomware damage costs of $ 20 billion by 2021.

According to the security bulletin issued by a cybersecurity company Kaspersky Lab in December 2016, enterprises were attacked by ransomware every 40 seconds globally, with the frequency of attacks increasing from every two minutes in early 2016. By the Cybersecurity Ventures estimations, by the end of 2019, ransomware attacks were carried out on enterprises every 14 seconds, and by 2021 ransomware attacks will be carried out on enterprises every 11 seconds.

According to the 2020 SonicWall Cyber Threat Report, the only type of malware that spreaded more in 2020 than any month in 2019 was ransomware. By the middle of 2019, the global number of ransomware attacks had grown by 15%, while in 2020 it has grown by 20%. In the United States the amount of ransomware attacks increased by 109%, where it rose to 80 million attacks.

In 2020 SonicWall also mentions the rising attention to the so-called "soft goals", namely local governments, public administration agencies, educational organizations and even hospitals. Because of their small size and generally tight budgets, they often lack the level of security of large companies. And more importantly, the work of such organizations is not only vital to the company itself, but also to the functioning of our society, while these attacks destroyed websites, emails, payroll, telephone services and dispatch services.

According to the Emsisoft Malware Lab report, in 2019, the United States suffered an unprecedented and ruthless ransomware attack that affected at least 966 government agencies, educational institutions and healthcare providers, with a potential cost of more than $ 7.5 billion. Affected organizations included 113 state and city governments and agencies, 764 healthcare providers, and 89 universities, colleges and school districts.

This study analyzed the publicly available information on ransomware attacks on U.S. state bodies in 2020 and identified the most exposed regions of the country.

1. Why is ransomware so dangerous for governments?

* Battleground states (or swing states) are defined as states of the U.S. in which the Democratic and Republican candidates both have a good chance of winning and that is considered key to the outcome of a presidential election. The list of battleground states is based on the research by the Cook Political Report "‎2020 Electoral College Ratings"‎.
Since the beginning of 2020, U.S. state bodies at various levels have been attacked by ransomware at least 93 times in 68% of states. However, it is noteworthy that exactly 29% of all attacks fell on both the Democratic and Republican states (within the segmentation framework suggested by the United States Electoral College).

Nevertheless, during clusterization of ransomware attacks, it was found that 42% of attacks occurred in the battleground states* of the upcoming U.S. presidential elections. In-depth analysis has shown that the majority of ransomware attacks (38%) targeted local authorities and city governments. And by the industrial segregation, 18% of ransomware attacks paralysed the work of local school districts.

2. Map of U.S. ransomware attacks

However, in the midst of the pandemic, a surge in the activity of ransomware attacks were detected. May became the third month since the beginning of the year with a total of 13% of ransomware attacks on U. S state bodies.
The general distribution of attacks by the organizational level of the target has also demonstrated the vulnerability of local authorities and city governments. More than half of the attacks (54%) occurred at the city level, while almost a third (28%) at the county level, and 18% of the attacks affected the entire state. The tragedy of the situation lies in the fact that local authorities have the least amount of resources both to prevent attacks and eliminate the destructive consequences of cyberattacks. This state of affairs creates fertile ground for the emergence of the most dramatic cases.
The beginning of 2020 was the most active period in terms of the number of ransomware attacks on the U.S. state bodies. More than half (55%) of all ransomware attacks occurred in the first quarter of 2020, and most often U.S. state bodies were attacked in January (24%), February (23%). Moreover, one of the most devastating attacks occurred in January.
The study clearly revealed that different states and counties differ greatly in the volume of successful ransomware attacks. In 2020 government authorities of Texas were the most exposed to ransomware attacks (13% of all attacks). Florida, California, North Carolina and Illinois are also among the leaders in the number of ransomware attacks (5% of attacks each).
3. Patterns of ransomware attacks on the U.S. state bodies

Examples of attacks

Florence became a victim of the DoppelPaymer ransomware criminal group on June 5 in an attack that shut down the city’s email system. The gang demanded 38 bitcoin, equivalent to USD $ 378,000, and threatened to publish or sell data stolen from Florence if the city didn’t pay up. A security firm hired by Florence in the wake of the attack was able to negotiate the ransom down to 30 bitcoin, worth around $ 291,000. City mayor Steve Holt said that Florence had elected to pay the ransom despite not knowing for certain what data the cyber-criminals had stolen and encrypted.
An Alabama city is paying over a quarter of a million dollars to cyber-criminals to recover data encrypted in a ransomware attack
A county in the Pacific Northwestern state of Oregon paid $ 300,000 for cyberattack ransom
Cyber-criminals hit Tillamook County in a targeted attack on January 22. As a result, all internal computer systems under the county government, which 250 county employees rely on, went down. The Tillamook County website, which hosts numerous departments, was also taken out in the incident. Other network connections were disabled to contain the spread of the malware. During the Tillamook County Board of Commissioners Tillamook County officials revealed that a $ 300,000 ransom was paid to regain data access after a cyberattack.
Ransomware can damage individuals or organizations. Anyone who has stored important data on a computer or network can be threatened, including government or law enforcement agencies, medical systems or other critical infrastructure entities. Recovery can be a difficult process, it may require the services of a reputable data recovery expert, and some victims have to pay to recover their files. However, there is no guarantee that individuals will restore their files after paying the ransom.

According to the Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing and Analysis Center, safety measures against the threat of ransomware are the following:

  • Update software and operating systems with the latest patches. Outdated applications and operating systems are the target of most attacks.
  • Never click on links or open attachments in unsolicited emails.
  • Backup data on a regular basis. Keep it on a separate device and store it offline.
  • Restrict users' permissions to install and run software applications, and apply the principle of "least privilege" to all systems and services. Restricting these privileges may prevent malware from running or limit its capability to spread through a network.
  • Use application allow listing to allow only approved programs to run on a network.
  • Enable strong spam filters to prevent phishing emails from reaching the end users and authenticate inbound email to prevent email spoofing.
  • Scan all incoming and outgoing emails to detect threats and filter executable files from reaching end users.
  • Configure firewalls to block access to known malicious IP addresses.

For more information see "Ransomware Security Publication" by the National Cybersecurity and Communications Integration Center and "Ransomware Guide" by the Cybersecurity and Infrastructure Security Agency and the Multi-State Information Sharing and Analysis Center.

4. Ransomware mitigation advice and best practices

MINDSMITH was established in 2018 in Moscow, Russia. The company conducts complex studies, intensive learning programmes and strategic consulting in high technologies.

MINDSMITH consists of a seasoned multidisciplinary team of analysts and consultants in the field of innovations and IT. Core expertise — digital transformation, cross-cutting technologies, new business-models, investments, tech-trends.
Managing Partner,
Ruslan Yusufov
Senior Analyst,
Gleb Borisov


All information about ransomware attacks on U. S state bodies was obtained from public sources, the media and government reports. Battleground states (or swing states) are defined as states of the U.S. in which the Democratic and Republican candidates both have a good chance of winning and that is considered key to the outcome of a presidential election. The list of battleground states is based on the research by the Cook Political Report "‎2020 Electoral College Ratings"‎.

The database sample includes the publicly reported cases within the following timeframe: January 1, 2020 — September 1, 2020.

Victims List

Alabama: Chilton County, City of Florence, Tallapoosa County

Arizona: Arizona Department of Education

Arkansas: Gosnell School District

California: City of Contra Costa, City of Seal Beach, City of Torrance, Panama-Buena Vista School District, Selma Unified School District

Colorado: City of Lafayette, Colorado Unemployment System

Florida: Florida Department of Economic Opportunity, North Miami Beach Police Department, Palm Beach County School District, Town of Jupiter, Volusia County Public Library

Georgia: City of Columbus, Rabun County, Rockdale County

Idaho: City of Post Falls

Illinois: City of Belvidere, Champaign-Urbana Public Health District, Grundy County, Illinois Unemployment System, La Salle County

Indiana: Lawrence County, South Adams Schools District

Kentucky: Kentucky Unemployment System, City of Paducah

Louisiana: City of New Orleans

Massachusetts: City of Reading

Michigan: City of Detroit, Oakland County, Richmond County

Minnesota: City of Minneapolis

Mississippi: City of Jackson

Missouri: Camden County, City of Cape Girardeau, Hillsboro R-3 School District, St. Genevieve County

Montana: City of Havre, Montana Veterans Affairs Health Care System

Nebraska: City of Kearney, City of Wayne

Nevada: City of Las Vegas

New Jersey: Bernards Township, City of Trenton

New Mexico: Gadsden ISD, New Mexico Public Regulation Commission, Rio Arriba County, San Miguel County

New York: Albany County Airport Authority, City of New York, City of Olean, Town of Colonie

North Carolina: City of Durham, City of Rocky Mount, Durham County, Haywood County School District, Surry County

Ohio: Ohio Unemployment System

Oklahoma: City of Okemah

Oregon: City of Keizer, Tillamook County

Pennsylvania: Allegheny Intermediate Unit, Butler County

South Carolina: Bluffton Township Fire District, Spartanburg County School District

Tennessee: City of Knoxville, Coffee County, Lawrence County

Texas: City of Garrison, City of Ingleside, City of Port Lavaca, Cooke County, Fort Worth ISD, Jay PSD, Manor IDS, Nacogdoches ISD, Texas courts, Texas Department of Transportation

Virginia: United States Marshals Service

Washington: Moses Lake School District

Wisconsin: City of Oshkosh, City of Racine


  1. The Harris Pall. “Public Sector Security Research 2020”, 2020-03-02
  2. Symantec. “2018 Internet Security Threat Report”, 2018-10-04
  3. Reuters. “Global cyber attack could spur $53 billion in losses: Lloyd’s of London”, 2017-07-17
  4. Kaspersky. “Kaspersky Security Bulletin 2016”, 2016-12-21
  5. Cybersecurity Ventures. “Global Ransomware Damage Costs Predicted To Reach $20 Billion (USD) By 2021”, 2018-10-18
  6. Federal Bureau of Investigation. “Scams and safety. Ransomware”, 2020-04-03
  7. Cybersecurity Ventures. “Global Ransomware Damage Costs Predicted To Exceed $5 Billion In 2017”, 2017-05-18
  8. SonicWall. “2020 SonicWall Cyber Threat Report. Cyber threat intelligence for navigating the new business normal”, 2020-07-16
  9. Emsisoft Malware Lab. “The State of Ransomware in the US: Report and Statistics 2019”. 2019-12-12
  10. WAFF 49. “City of Florence out nearly $300,000 after ransomware hack”, 2020-06-11
  11. The Tillamook Headlight Herald. “County pays $300,000 for cyberattack ransom”, 2020-03-11
  12. National Cybersecurity and Communications Integration Center. “How to Protect Your Network from Ransomware”, 2016-07-11
  13. Cybersecurity and Infrastructure Security Agency. “Ransomware Guide”, 2020-08-30
  14. The Cook Political Report. “‎2020 Electoral College Ratings”, 2020-09-29
  15. 6 News, «City of Wayne falls victim to ransomware cyber attack», 2020-02-22
  16. 9NEWS, «Ransomware attack forces city of Lafayette to pay hackers $45,000», 2020-08-04
  17. 11Alive, «Rockdale says several county servers hit by ransomware attack», 2020-02-07
  18. 23ABC, «PBVSD ransomware attack will delay report cards», 2020-01-15
  19. ABC30, «Classes in Selma canceled Friday after district computer systems hit by ransomware», 2020-08-30
  20. Albuquerque Journal, «Ransomware hack disrupts NM government website», 2020-01-15
  21. Arizona Capitol Times, «Education Department blunder puts ESA parent names in hands of group that opposes expansion of voucher program», 2020-01-27
  22. BC3, «BC3 restoring systems after ransomware attack», 2020-02-20
  23. Becker’s Hospital Review, «Maze ransomware attack exposes personal info of 1,501 Montana VA health system patients», 2020-07-24
  24. BleepingComputer, «600 Computers Taken Down After Florida Library Cyberattack», 2020-01-21
  25. BleepingComputer, «New Ransom X Ransomware used in Texas TxDOT cyberattack», 2020-06-26
  26. Bloomberg, «Texas Says Court System Was Subject to Ransomware Attack», 2020-05-11
  28. Butler Eagle, «BC3 restoring systems after weekend ransomware attack», 2020-02-20
  29. CBR, «Las Vegas Hacked: Quick Reactions Save Sin City from Outages», 2020-01-09
  30. CBS 58, «City of Racine attacked with ransomware», 2020-02-03
  31. CBS Chicago, «Ransomware Attack Renders LaSalle County Government Computers Unusable», 2020-03-04
  32. CBS Minnesota, «Hackers Gain Access To Minnesota Senate Server ‘For Several Minutes’», 2020-06-03
  33. CBS42, «Chilton County records system affected by Ransomware attack», 2020-07-07
  34. Chicago Tribune, «Data breach in new Illinois online unemployment system exposes private information», 2020-05-17
  35. CISOMAG, «Miami Beach Police Department Suffers Ransomware Attack», 2020-02-12
  36. CISOMAG, «Ryuk Ransomware Campaign Targets Port Lavaca City Hall», 2020-02-18
  37. ClickOnDetroit, «Detroit reports city employee email accounts breach; DWSD customer info could be compromised», 2020-01-23
  38. Cointelegraph, «Alabama City Plans to Pay Ransomware Group Despite Warnings», 2020-06-10
  39. Courthouse News Service, «Hackers Target Texas Courts in Ransomware Attack», 2020-05-11
  40. Cyber Defense Magazine, «Texas Department of Transportation (TxDOT) hit by a ransomware attack», 2020-05-19
  41. Cyberdefence Magazine, «Texas Department of Transportation (TxDOT) hit by a ransomware attack», 2020-05-19
  42., «Gosnell schools hit with ransomware attack», 2020-08-27
  43., «Jay schools working to recover from cyber attack», 2020-03-13
  44., «Rabun County in Georgia thwarts apparent computer hacking attempt», 2020-02-25
  45. Detroit Free Press, «Detroit offers credit monitoring for 15,000 employees, 300 water customers in data breach», 2020-01-23
  46. Detroit Free Press, «Oakland County stops COVID-19 data leak», 2020-04-16
  47. EDSCOOP, «Michigan State hit by ransomware threatening leak of student and financial data», 2020-05-27
  48. Firehouse, «Hacker Holds SC Fire Department Hostage amid Pandemic», 2020-03-20
  49. FITSnews, «Cyber Attack Reported In Bluffton, South Carolina, Authorities Confirm», 2020-03-26
  50. Forbes, «Two ‘Russian’ Ransomware Attacks Take Down North Carolina City And County Government Systems», 2020-03-10
  51. Fort Worth Star-Telegram, «Texas courts won’t pay ransom over malware attack that led to disabled servers, websites», 2020-05-11
  52. FOX 6 Now Milwaukee, «City of Racine’s computer systems infected by ransomware», 2020-02-03
  53. FOX 11 News, «Oshkosh becomes one of ransomware’s latest victims», 2020-01-31
  54. Fox 12, «Oregon Department of Human Services reports data breach from phishing email», 2020-03-20
  55. Fox 17, «Lawrence County Sheriff’s Department E-911 system attacked by computer virus», 2020-04-28
  56. FOX 28 Media, «Bluffton Township Fire District systems hacked during declared emergency», 2020-03-19
  57. Fox 28 Media, «Bluffton Township Fire District victim of cyber attack», 2020-03-20
  58. FOX 66, «Hackers demand Richmond Community Schools to pay $10,000 in Bitcoin», 2020-01-03
  59. FOX Carolina News, «Spartanburg School District One’s computer network hit by ransomware attack», 2020-03-02
  60. Fox19, «Kentucky unemployment website experienced April data breach», 2020-05-28
  61. Fox19, «Ohioans’ personal info exposed in pandemic unemployment data breach, ODJFS says», 2020-05-20
  62. FOX26 News, «Selma Unified hit with ransomware attack», 2020-08-28
  63. Gainesville Daily Register, «County judge: Public’s info compromised in cyberattack», 2020-07-20
  65. GoUpstate, «Spartanburg School District 1 hit with ransomware attack», 2020-03-03
  66. Government Technology, «Cyberattack Disrupts Texas Department of Transportation», 2020-05-18
  67. Government Technology, «New Mexico County Government Falls Victim to Ransomware», 2020-05-28
  68. Great Falls Tribune, «VA sending letter to 1,501 Montana vets about privacy breach», 2020-07-23
  69. Health IT Security, «Illinois Public Health Website Hit With Ransomware Amid Coronavirus», 2020-03-16
  70. Hi-Line Today, «Havre Public Schools Recovering After Ransomware Attack», 2020-02-10
  71. iFIBER One News, «Moses Lake School District hit with ransomware attack in July», 2020-08-23
  72. Infosecurity Magazine, «Las Vegas Suffers Cyber-Attack», 2020-01-08
  73. Infosecurity Magazine, «Oregon City Pays $48,000 Cyber-Ransom», 2020-06-23
  74. Infosecurity Magazine, «REvil Rocks Jupiter», 2020-04-15
  75. Infosecurity Magazine, «Ryuk Ransomware Takes Out Durham, North Carolina», 2020-03-10
  76. Infosecurity Magazine, «Second Data Breach at Kentucky Unemployment System», 2020-08-03
  77. Infosecurity Magazine, «Texas Takes Second Ransomware Hit», 2020-05-18
  78. Infosecurity Magazine, «Texas Takes Second Ransomware Hit», 2020-05-18
  79. Infosecurity Magazine, «US County’s Computers Still Down Nine Days After Ransomware Attack», 2020-01-31
  80. Infosecurity Magazine, «Ransomware Attack at US Power Station», 2020-02-25
  81. KAIT 8, «Gosnell schools hit with ransomware attack», 2020-08-25
  82. KERA, «Fort Worth ISD Hacked, Joining Other Texas Schools, Towns Hit By Ransomware Attacks», 2020-03-09
  83. KFVS12, «Some City of Cape Girardeau online services still unavailable after cyber attack», 2020-01-23
  84. KMOV, «Detectives investigate data breach at Jefferson County School District», 2020-03-02
  85. KrebsOnSecurity, «Florence, Ala. Hit By Ransomware 12 Days After Being Alerted by KrebsOnSecurity», 2020-06-09
  86. KRQE, «State agency shuts down website after ransomware attack», 2020-01-16
  87. KRWG, «New Mexico PRC Website Hit By Ransomware Attack», 2020-01-16
  88. KSAT, «Texas school district loses $2.3 million from phishing scam», 2020-01-11.
  89. KSN News, «Jay schools working to recover from cyber attack», 2020-03-12
  90. KTEN, «Ransomware attack infects Grayson County computers», 2020-02-24
  91. KTRE 9, «City of Garrison and Nacogdoches ISD investigate recent ransomware attack», 2020-02-12
  92. KTTN News, «Grundy County Courthouse hit with cybersecurity breach», 2020-02-09
  93. KVIA, «Gadsden schools computer network is latest hit by ransomware attack», 2020-02-25
  94. KVUE, «Manor ISD loses $2.3M in phishing scam; police and FBI investigating», 2020-01-10
  95. KXAN, «TxDOT latest state agency to be victim of ‘ransomware’ attack», 2020-05-18
  96. KXII, «Personal information compromised in Cooke County ransomware attack», 2020-07-20
  97. KZTV Action 10 News, «City of Ingleside suffers from ransomware attack», 2020-02-01
  98. LakeExpo, «Hacked! Camden County Hit By ‘Sophisticated Encryption Attack’, Reports Incident To FBI», 2020-04-15
  99. Las Cruces Sun News, «Gadsden school district hit by ransomware for the second time in a year», 2020-02-25
  100. Las Vegas Optic, «San Miguel County victimized by ransomware attack», 2020-02-06
  101. LEX18, «Kentucky unemployment system hit by potential data breach, second time in three months», 2020-07-29
  102. Loas Alamos Reporter, «Rio Arriba County Commission Chair Leo Jaramillo Says FBI Investigating Tuesday’s Cyber Attack On County», 2020-05-27
  103. Manchester Times, «Ransomware attack hits Coffee County Sheriff’s Department», 2020-04-06
  104. Miami Herald, «Another city hit by ransomware attack. This time the police department is the target.», 2020-02-08
  105. MLive, «Hackers demand Michigan school district pay $10K in bitcoin», 2020-01-03
  106. Montana Public Radio, «How Havre Public Schools Handled A Ransomware Attack», 2020-02-19
  107. MSN, «Belvidere City Hall victim to cyberattack», 2020-02-01
  108. MSSP Alert, «NetWalker Ransomware Attacks Illinois Public Health District», 2020-03-17
  109. MSSP Alert, «Ransomware Attacks Knoxville, Tennessee, City Computer Work», 2020-06-12.
  110. MSSP Alert, «Ransomware Attacks New Orleans Government Agency», 2020-04-20
  111. MSSP Alert, «Sodinokibi Ransomware Attacks Florida Town’s Digital Services», 2020-04-13
  112. My Web Times, «Ransomware attack responsible for La Salle County technology issues», 2020-02-26
  113. National Cyber Security, «Orleans Parish Assessor’s Office still operating despite ransomware attack; no data stolen», 2020-04-18
  114. NBC 6, «North Miami Beach Police Department Hit With Ransomware Attack», 2020-02-10
  115. NET News, «Wayne ‘Slowly But Surely’ Restores Computer System After Cyberattack», 2020-02-27
  116. News 9, «Okemah, FBI Investigating City Hall Hack, Ransom Demands», 2020-06-11
  117. News 10, «Albany airport pays ransom after hit by cyber hackers», 2020-01-10
  118. News 12, «Grayson Co. systems offline due to ransomware attack», 2020-02-24
  119. News 12, «Grayson County: No data compromised during ransomware attack», 2020-03-05
  120. News 13, «Data breach confirmed in ransomware attack on Haywood County Schools», 2020-09-02
  121. News Break, «City of Paducah recovers from IT security concern», 2020-02-21
  122. News Channel 5, «Coffee Co. Jail target of ransomware attack», 2020-04-06
  123. NewsTribune, «La Salle County computer system is on the mend after ransomware attack», 2020-03-04
  124., «N.J. town’s computers target of ransomware attack, mayor says. Town’s website knocked offline.», 2020-05-14
  125. Nola, «Orleans Parish Assessor’s Office still operating despite ransomware attack; no data stolen», 2020-04-17
  126. NTV News, «Kearney mayor’s email hacked again», 2020-06-27
  127. Olean Times Herald, «Ransomware attack temporarily knocks out Olean city systems», 2020-04-17
  128. On Target News, «Coffee County Jail Dealing with Cyber and Ransomware Attack», 2020-04-06
  129. Patch, «Reading Municipal Light Department Hit By Ransomware Breach», 2020-02-25
  130. Reporter-Herald, «72,000 on pandemic unemployment assistance in Colorado had private information exposed», 2020-05-19
  131. Savannah Morning News, «Richmond Hill computers restored after alleged hack», 2020-06-23
  132. SC Media, «Texas attack: Garrison, Nacogdoches schools hit with ransomware», 2020-02-13
  133. Security Week, «Massachusetts Electric Utility Hit by Ransomware», 2020-02-26
  134. Spectrum News, «Florida Unemployment Agency Confirms Data Breach Affecting Some Applicants», 2020-05-21
  135. Spotlight News, «Town of Colonie got hacked; looks to avoid paying ransomware demand of about $400,000», 2020-01-17
  136. Statescoop, «Hackers post Calif. city’s data online after it denied leak», 2020-04-22
  137. Statesman Journal, «Oregon Department of Human Services data breached, clients at risk of identity theft», 2020-03-21
  138. Ste. Genevieve Herald, «Computer Hack Affects County», 2020-06-09
  139. TAPinto, «Final Recovery After Bernards Twp. Cyber-Attack Underway At End of This Week», 2020-05-29
  140. TAPinto, «Probe Continues Into Ransomware Attack on Township System Network On ‘Around the Clock’ Basis», 2020-05-14
  141. Techcrunch, «US Marshals says prisoners’ personal information taken in data breach», 2020-05-09
  142. Techradar, «Las Vegas escapes major cyberattack», 2020-01-09
  143. Texas Lawyer, «Ransomware Hack Disables Texas Supreme Court’s Website», 2020-05-11
  144. The Bernardsville News, «‘Ransomware attack’ draws questions in Bernards Township», 2020-05-29
  145. The Claytone Tribune, «County thwarts apparent computer hacking attempt», 2020-02-21
  146. The Daytona Beach News-Journal, «Ryuk ransomware used to attack Volusia library computers», 2020-02-06
  147. The Detroit News, «Detroit officials warn data breach exposed city workers, residents», 2020-01-23
  148. The Hill, «Minneapolis city systems temporarily brought down by cyberattack», 2020-05-28
  149. The Hill, «Texas court systems hit by cyberattack», 2020-05-11
  150. The Island Packet, «Hacker holds Bluffton fire department servers hostage, as authorities investigate», 2020-03-19
  151. The Journal Times, «Racine’s cyberattacker still a mystery, but FBI says Oshkosh’s ransomware came from Russia», 2020-02-09
  152. The Journal Times, «Ransomware expected to freeze city’s systems all week; All analog services still in place», 2020-02-03
  153. The Journal Times, «Ransomware infects City of Racine computer systems», 2020-02-03
  154. The Mount Airy News, «Cyber attack targets Surry County schools», 2020-07-09. URL
  155. The News & Observer, «Russian malware cripples some Durham city and county systems. City is investigating», 2020-03-08
  156. The News Gazette, «C-U Public Health District’s website held hostage by ransomware attack», 2020-03-11
  157. The Oregonian, «Computers still down in Oregon county hit by cyberattack», 2020-01-29
  158. The Oregonian, «Keizer officials pay $48k ransom to regain control of city computers», 2020-06-22
  159. The Outlook, «Tallapoosa County recovers from ransomware attack», 2020-06-19
  160. The Paducah Sun, «City officials elaborate on breach, payout», 2020-02-28
  161. The Palm Beach Post, «Coronavirus Florida: Jupiter web services back after ransomware attack», 2020-04-10
  162. The Spokesman-Review, «Post Falls Police Department says ‘no sensitive data’ compromised in cyberattack», 2020-06-04
  163. The Trentonian, «Trenton Police suffers 2nd cyberattack in six months, mayor say officials forced to ‘reinvent wheel’ amid pandemic», 2020-04-20
  164. The Wall Street Journal, «New York Investigating Hack of State’s Computer Network», 2020-04-13
  165. Threat Post, «LA County Hit with DoppelPaymer Ransomware Attack», 2020-04-22
  166. Tillamook Headlight Herald, «Cyberattack: County to negotiate for ransomware key», 2020-01-27
  167. Tillamook Headlight Herald, «Tillamook County ready to come online after cyberattack», 2020-02-03
  168. Tribune-Review, «Allegheny Intermediate Unit investigates malware attack, avoids ransom payment», 2020-02-06
  169. Tucson Sentinel, «Arizona Department of Education release unwittingly reveals student data», 2020-01-30
  170. Victoria Advocate, «Port Lavaca City Hall suffers cyber attack», 2020-02-15
  171. WAFF, «Florence city computer systems hit by cyber attack», 2020-06-08
  172. WANE, «South Adams Schools hit with ransomware cyber-attack», 2020-02-20
  173. Wbay, » City of Oshkosh restoring data after computers hit by ransomware virus», 2020-01-30
  174. WBRC, «Chilton County is latest victim of ransomware attack», 2020-07-08
  175. WDRB Media, «Cyberattack on Lawrence County, Indiana, compromised ‘multiple critical systems,’ officials say», 2020-02-07
  176. WESB News, «City of Olean Computers Hit With Ransomware», 2020-04-18
  177. West Kentucky Star, «Paducah Pays $30K to Ransomware Attacker», 2020-02-21
  178. WINK News, «Florida’s unemployment claimants involved in “data security incident,” DEO confirms», 2020-05-21
  179. WITN, «Rocky Mount faces cyber attack; investigation to determine if personal information stolen», 2020-08-29
  180. WKRN, «Lawrence County 911 center attacked by ransomware», 2020-04-28
  181. WLBT, «FBI investigating after JPS computer system hacked», 2020-02-21
  182. WMYA MyTV 40 , «Hackers want money to release Haywood County school district files», 2020-08-25
  183. WOWT 6 News, «City of Wayne falls victim to ransomware cyber attack», 2020-02-22
  184. WPSD Local 6, «Paducah, McCracken County government recovering from computer server hack», 2020-02-03
  185. WRAL, «Durham city, county governments hit by malware attack», 2020-03-08
  186. WRAL, «Rocky Mount investigates possible cyber attack on city’s computer system», 2020-08-28
  187. WRBL, «Columbus Mayor confirms ransomware attack on city government yesterday», 2020-05-27э
  188. WSB-TV, «Ransomware: Rockdale government says infected email sent to server», 2020-02-07
  189. WTAQ, «Oshkosh City Computers Hit By Ransomware», 2020-01-31
  190. WTHR, «Cyberattack knocks out Lawrence County government computers», 2020-02-13
  191. WVLT, «No personal info breached in City of Knoxville ransomware attack, officials say», 2020-06-11
  192. WWL, «Orleans Parish Assessor’s Office hit by ransomware attack, officials say no personal info lost», 2020-04-17
  193. ZDNet, «Data of 645k Oregonians exposed after nine DHS employees fell for a phishing attack», 2020-06-21
  194. ZDNet, «Knoxville shuts down IT network following ransomware attack», 2020-06-11