The number of successful ransomware attacks witnessed a decrease between January and April 2020 in the U.S. public sector amid the COVID-19 crisis. However, researchers have recently noticed that trend reversing, with incidents now starting to increase.

According to the study by the malware lab, Emsisoft, the figures show a decline in comparison to the 966 targeted establishments that were successfully attacked at the cost of $7.5 billion.

Strong decline in the figures compared with 2019 stats

However, during the Q1 and Q2 2019, just 128 federal and state entities, healthcare providers, and educational districts were attacked by ransomware gangs.

The research highlights that the lab is starting to notice a bearish reversal, in part due to the lifting of restrictions and employees returning to the offices.

The U.S. public sector’s cybersecurity is still poor

Speaking with Cointelegraph, Brett Callow, threat analyst at Emsisoft, provided some insight regarding the public sector’s poorly security infrastructure:

“The US must find a way to improve security in the public sector. In 2019, all but one of the 966 successful attacks on the public sector were simply expensive and disruptive encryption events but, in 2020, many will also be data breaches. At least five government entities and three universities have already had data stolen and published this year, and it’s inevitable that they will not be the last.”

Fabian Wosar, CTO of Emsisoft, also warned:

“2020 need not be a repeat of 2019. Proper levels of investment in people, processes and IT would result in significantly fewer ransomware incidents and those incidents which did occur would be less severe, less disruptive and less costly.”

The study states that since November of last year, a steadily increasing number of groups – including DoppelPaymer, REvil/Sodinokibi and NetWalker – are stealing data as a precursor to encryption within the U.S. public sector.

Recently, the U.S. Secret Service issued a warning about an increase in hacks targeting managed service providers, or MSPs. The warning was notedly applicable to both the U.S. private sector and various government entities.

Cointelegraph reported that the University of California at San Francisco School of Medicine allegedly paid a $1.14 million ransom in cryptocurrencies to the hackers behind a ransomware attack on June 1.