reports that ransomware attacks have impacted over 2,300 public sector organizations across the U.S. in 2021. At least 77 state and municipal governments and agencies were affected by ransomware attacks last year, which was lower than the past two years, but nearly 50% of the incidents resulted in data breaches.
Smaller towns and counties have also been increasingly targeted by threat actors in the past 12 months as larger cities increased cybersecurity investments, according to an Emsisoft report. The report also showed the number of schools hit by ransomware attacks declined from 1,681 in 2020 to at least 1,043 in 2021, even though the number of attacked school districts increased during the same period. Meanwhile, 1,203 individual health care sites were attacked in the past year, compared with only 560 in 2020.
Similar ransomware attack prevalence since 2019 suggests lacking security improvements in the U.S. public sector, said Emsisoft ransomware expert Brett Callow.
"But they may be starting to change. As noted in the report, the size of victim organization seems to have decreased, possibly indicating that bigger organizations have used their bigger budgets to rectify their security shortcomings," added Callow.