PerspectiveRansomware Attacks Are Testing Resolve of Cities Across America

An F.B.I. warning sent to key players in the American cyberindustry on Monday left unclear who was responsible for the malware afflicting twenty-two cities and towns in Texas, a strain first seen in April and named Sodinokibi. On Wednesday, the Department of Homeland Security issued a warning about a “Ransomware Outbreak,” cautioning cities and towns to “back up your data, system images and configurations” and keep them offline. It urged them to update their software — something Baltimore had failed to do.

Ransomware is hardly new, but it is in fashion.

Manny Fernandez, David E. Sanger, and Marina Trahan Martinez write in the New York Times that a decade ago the most prevalent type of cybercrime was intellectual property theft — the stealing of industrial designs or military secrets. The American-Israeli attacks on Iran’s nuclear centrifuges brought a different kind of attack to the fore: destruction of infrastructure, which has taken many forms in recent years. But ransomware is different because it does not destroy data or equipment. It simply locks it up, making it inaccessible without a complex numeric key that is provided only to those who pay the ransom.

Two years ago such attacks were still relatively rare. But now they are far more targeted, and as companies and towns have shown an increased willingness to pay ransoms, criminals have turned to new and more powerful forms of encryption and more ingenious ways of injecting the code into computer networks. Only this summer did the United States begin to see multiple simultaneous attacks, often directed at government websites that are ill-defended.