The U.S. public sector saw a barrage of financially-driven ransomware attacks that hit some 2,323 local governments, schools and healthcare providers in 2021, Emsisoft said in a recent report on ransomware activity.
Of significant note, Emsisoft’s numbers do not take into account attacks on third party service and solution providers, including MSSPs and MSPs, both of which help to protect public sector organizations.
Ransomware Attacks and Resulting Data Breaches
By segment, public sector attacks resulted in nearly 120 data breaches and volumes of sensitive data posted online. Favored targets included:
- 77 state and municipal governments and agencies.
- 1,043 schools.
- 1,203 healthcare providers.
The total number of local governments and agencies hit by ransomware in 2021 actually amounted to roughly one third of the 113 entities hijacked both in 2019 and 2020. Instead of aiming at large targets, ransomware hijackers mostly eyed smaller municipalities and counties, Emsisoft said, suggesting that larger governments may be shoring up their defenses.
Emsisoft estimated that taken together the 77 ransomware incidents levied on the public sector cost about $624 million and resulted in more than 22,000 days of disruption, some of which were “significant and even life threatening.” Of the 77 instances, 36 yielded data breaches.
Ransomware Attacks vs. U.S. Schools: 2021 Research Statistics
As for attacks on education institutions in 2021, a total of 88 education sector organizations were impacted by ransomware, including:
- 62 school districts.
- 26 colleges and universities.
- 1,043 individual schools.
Data was stolen in at least 44 of the 88 incidents, resulting in sensitive information relating to both employees and students being released online. In 2020, 84 incidents affected 58 school districts, and 26 colleges and universities. The number of schools impacted was 60 percent higher at 1,681. The average number of schools affected by each incident decreased to 12 in 2021 from 20 in 2020.
Ransomware Attacks vs. Healthcare Providers: 2021 Research Statistics
On healthcare, ransomware attackers hit 68 healthcare providers in 2021, including multiple hospitals and multi-hospital health systems. Taken together, those organizations operated 1,203 sites. The number of hijacked medical providers decreased from the 80 entities operating 560 sites victimized in 2020.
Among the providers hit in 2021 included:
- Sanford Health which operates more than 600 locations, including 46 hospitals.
- Scripps Health which operates 24 locations, including five hospitals. Its attack cost more than $112 million.
“Ransomware became so much of a problem because the cyber criminals were able to operate with almost complete impunity. That is finally starting to change,” Emsisoft said.