American town halls: current situation
In 2019, more than 20 American municipalities faced ransomware attacks (a type of malware), with financial consequences sometimes exceeding several million euros.
Many American town halls are far from state-of-the-art when it comes to prevention. Paying such ransoms can be tempting for a helpless victim who may prefer to pay a few hundred thousand euros rather than having to rebuild their databases, for example, which would be a long and very costly process.
Radical solution: an end to ransom payments?
Paying these ransoms is a strong incentive for cybercriminals seeking a quick return on investment.
The more than 1,000 mayors who are members of the "Conference of Mayors," equivalent to our Association of Mayors of France, have understood this well, under the leadership of Baltimore Mayor Bernard Young. Young refused to pay a ransom of €60,000, which resulted in costs for his municipality that could amount to €15 million.
In order to curb the problem, the association voted on a resolution stating that its members will not pay ransom in the future.
French cities are also targets for ransomware
A number of incidents, often concealed by the municipalities concerned, also occur regularly in France. Recent examples include the town of Sarrebourg , as well as a double cyberattack against the town of La Croix Valmer a few months ago.
To date, there is no binding legislation in France. Even though ANSSI and various authorities advise against paying the ransom demanded.
What does this mean in the long term?
No longer able to pay the ransom to cybercriminals, cities will have to work twice as hard to:
– Increase their technical security level;
– Set up backups;
– Raise awareness among teams at all levels of the hierarchy.
It should not be forgotten that, in the vast majority of cases, cyberattacks originate from actions carried out by users without their knowledge or due to their lack of vigilance.
