The 2017 WannaCry ransomware worm may be the most famous ransomware attack in recent history, but it’s far from the only one. WannaCry’s fame was largely caused by the fact that it indiscriminately infected computers around the world, causing massive amounts of damage and costing affected organizations tens or hundreds of millions of dollars in remediation efforts. The scope of the infection was only limited by a security researcher finding and activating a “kill switch” built into the malware.
Modern ransomware attacks have become much more targeted. Rather than attempting to get a small amount of ransom out of a large number of targets, hackers choose quality over quantity and select high-value targets that are likely to produce large payoffs. Many organizations have data that they can’t afford to lose, so this tactic has proven quite effective.
In recent months, a stream of high-profile attacks has demonstrated that some ransomware operators have found their ideal target: municipal governments. These organizations often have the scale and resources that the hackers are looking for when trying to score a large payoff but lack the cyber defenses to protect the valuable data and services that they provide. As a result, entire cities have lost critical services due to these ransomware attacks.