Security Experts:

Connect with us

Hi, what are you looking for?



FBI Warns of Ransomware Attacks Targeting Local Governments

The Federal Bureau of Investigation (FBI) this week warned local government entities of ransomware attacks disrupting operational services, causing public safety risks, and causing financial losses.

The Federal Bureau of Investigation (FBI) this week warned local government entities of ransomware attacks disrupting operational services, causing public safety risks, and causing financial losses.

In a Private Industry Notification (PIN), the FBI underlined the significance of such attacks, due to the public’s dependency on services overseen by local governments, including critical utilities, education, and emergency services.

According to the FBI, local government entities within the government facilities sector (GFS) represented the second most targeted group following academia, based on victim incident reporting throughout 2021.

Last year, smaller counties and municipalities represented the majority of victimized local government agencies, “likely indicative of their cybersecurity resource and budget limitations,” the FBI says.

Based on an independently-conducted survey, local governments are the least able to prevent ransomware attacks and recover from backups, and often pay the ransom to get the data back.

[ READ: FBI: 649 Ransomware Attacks on Critical Infrastructure Organizations in 2021 ]

Ransomware attacks on local governments may result not only in the disruption of services, but also in the compromise of data, and could have significant impact on local communities.

In January 2022, Bernalillo County had to shut down its computer systems and public offices following a ransomware incident.

The attack also resulted in emergency response operations falling to “backup contingencies,” and in the lockdown of the Metropolitan Detention Center (MDC), after surveillance cameras at the facility were disabled, and automated doors deactivated.

In September 2021, a ransomware attack on a US county’s network shut down the county courthouse and resulted in the compromise of a large amount of data.

In a May 2021 attack, a county’s operations, including scheduling of COVID-19 vaccination appointments, were crippled and the attackers claimed to have stolen over 2.5 gigabytes of data.

[ READ: Ransomware Targeted 14 of 16 U.S. Critical Infrastructure Sectors in 2021 ]

In January 2021, an attack on another local US county government’s systems resulted in the encryption of jail and courthouse computers, as well as election, financial, law enforcement, and other files.

The incident impacted the sheriff department’s records management program and public defender office computers, among others.

Ransomware is typically distributed through phishing, RDP connections, and software vulnerabilities, and remote working caused by the COVID-19 pandemic provided threat actors with new attack vectors.

“In the next year, local US government agencies almost certainly will continue to experience ransomware attacks, particularly as malware deployment and targeting tactics evolve, further endangering public health and safety, and resulting in significant financial liabilities,” the FBI says.

Related: FBI Warns of BlackByte Ransomware Attacks on Critical Infrastructure

Related: Nations Vow to Combat Ransomware at US-Led Summit

Related: U.S. Agencies Publish Ransomware Factsheet

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...


A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...


The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.


Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack