Tampa, Fla. (Oct. 21, 2020) – The University of South Florida’s School of Information, in collaboration with Cyber Florida, has published an analysis of reported ransomware attacks targeting Florida organizations between 2016 and 2019 that shows the majority of victims were government organizations. The report, the first in a continuing series on cybersecurity topics to be published by Cyber Florida and researchers at various State University System of Florida (SUS) institutions, is available online at https://cyberflorida.org/research.
In this instance, the report found that of the 18 ransomware incidents its authors reviewed, 14 targeted municipalities, counties, and other public services, and 11 of those took place in 2019, reflecting a surge in ransomware attacks targeting civic institutions across the nation in 2019. According to Cyber Florida Executive Director Mike McConnell, VADM, USN, Ret., former director of U.S. National Intelligence and the National Security Agency, “Cybercriminals began targeting cities, school districts, and similar public services in earnest in 2019, with significant increases in the frequency of attacks and the amount demanded. These organizations are targeted because in part because the services they provide are so vital to citizens, making them even more vulnerable to cyber-based ‘shutdowns’ for ransom, but we hope reports like this will provide government leaders with greater insight into how they can prevent or mitigate these kinds of attacks.”
The analysis was led by Ryan Haggard, a graduate student in Intelligence Studies in the University of South Florida’s School of Information, under the supervision of Steve “Scuba” Gary, Associate Professor of Practice, and relies on publicly available information and reflects their personal views. Some key takeaways from the report include
- Public sector organizations comprised 78% of ransomware victims between 2016 and 2019
- 50% of Florida organizations refused to pay cyber-related ransoms
- 22.2% of Florida organizations agreed to pay the requested amount
- In 27.8% of cases, the outcome was not publicly reported
The report includes an in-depth analysis of the targets, the suspected perpetrators, and the tactics used to infiltrate systems and conduct the attacks.
About Cyber Florida
The Florida Center for Cybersecurity, also known as Cyber Florida, was created by the state in 2014 to help Florida become a national leader in cybersecurity education, research, and community outreach and engagement. Hosted by the University of South Florida, Cyber Florida works with all 12 institutions in Florida’s State University System as well as other dedicated partners from the private and nonprofit sectors; local, state, and federal government; and the U.S. military to achieve our mission.