New Sophos Report – The State of Ransomware in State and Local Government 2022

Yesterday, the cybersecurity company Sophos released a new report, The State of Ransomware in State and Local Government 2022, which provides insights into ransomware attack trends, costs and recovery, and ransom payouts in state and local government organizations over the last year. To conduct the report, Sophos polled 5,600 IT professionals in mid-sized organizations across 31 countries, including 199 respondents from the state and local government sector. The study found that ransomware attacks against state and local governments are significantly increasing. Specifically, 58 percent of state and local government organizations were hit by ransomware in 2021, up from 34 percent in 2020, representing an increase of 70 percent over the course of a year. However, at the same time, among critical infrastructure, the government sector reported one of the lowest ransomware attack rates, at 58 percent compared to the cross-sector average of 66 percent. Moreover, 72 percent of state and local government organizations attacked by ransomware had their data encrypted, 7 percent more than the cross-sector average. Only around 63 percent of state and local governments whose data was encrypted used backups to restore data, highlighting the importance of maintaining backups. Additionally, the report confirmed that cyber insurance is motivating state and local governments to improve cyber defenses, with 96 percent having upgraded their cyber defenses to secure coverage and 80 percent reporting they already have cyber insurance coverage against ransomware. Access the full report at Sophos.