Sign up for our daily briefing

Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on the day's biggest business stories

Subscribe to Axios Closer for insights into the day’s business news and trends and why they matter

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Stay on top of the latest market trends

Subscribe to Axios Markets for the latest market trends and economic insights. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Sports news worthy of your time

Binge on the stats and stories that drive the sports world with Axios Sports. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Tech news worthy of your time

Get our smart take on technology from the Valley and D.C. with Axios Login. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Get the inside stories

Get an insider's guide to the new White House with Axios Sneak Peek. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Denver news?

Get a daily digest of the most important stories affecting your hometown with Axios Denver

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Des Moines news?

Get a daily digest of the most important stories affecting your hometown with Axios Des Moines

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Twin Cities news?

Get a daily digest of the most important stories affecting your hometown with Axios Twin Cities

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Tampa Bay news?

Get a daily digest of the most important stories affecting your hometown with Axios Tampa Bay

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Charlotte news?

Get a daily digest of the most important stories affecting your hometown with Axios Charlotte

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Sign up for Axios NW Arkansas

Stay up-to-date on the most important and interesting stories affecting NW Arkansas, authored by local reporters

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Shoshana Gordon/Axios

If you run a hospital, a bank, a utility or a city, chances are you'll be hit with a ransomware attack. Given the choice between losing your precious data or paying up, chances are you'll pay.

Why it matters: Paying the hackers is the clear short-term answer for most organizations hit with these devastating attacks, but it's a long-term societal disaster, encouraging hackers to continue their lucrative extortion schemes.

Driving the news: Colonial Pipeline paid hackers almost $5 million in ransom to restore its systems and get gasoline flowing again after a ransomware attack held the country's largest pipeline hostage, which resulted in widespread disruption of gasoline supply.

The big picture: "This creates a collective action problem — the bad guys win so they'll go out and hit someone else," said Betsy Cooper, director of Aspen Tech Policy Hub at the Aspen Institute.

  • "As an organization, you have to take into account the immediate costs versus the cost of your data. The less prepared you are, the worse it's going to be."

Threat level: Code red. Negotiating can backfire.

  • Last week, foreign hackers released sensitive files they stole from the Washington D.C. police department last month, after the department offered to pay $100,000 rather than the $4 million that was demanded to return the data, DCist reported.
  • The hackers reportedly said they'd keep the files public for months, even if the police department offered more than the original ransom.

Of note: The outfit responsible for the Colonial Pipeline attack announced it was shutting down Friday, but there's no sign the larger problem will abate.

By the numbers: Payments to ransomware attackers rose 337% from 2019 to 2020, reaching more than $400 million worth of cryptocurrency, according to figures just released by Chainalysis, a blockchain analysis company.

  • So far in 2021, hackers have raked in more than $81 million.
  • The average ransom payment has risen from $12,000 in the fourth quarter of 2019 to $54,000 in the first quarter of this year.
  • Chainalysis notes these figures are conservative because they are based on reported attacks and payments.

Many attacks at the local level go unreported and unnoticed. Attack disclosure requirements vary state by state.

Zoom in: A hospital near Kansas City, Mo., fell victim to an attack, paid the ransom, and then had to ask the city's government for help making payroll, Mayor Quinton Lucas told Axios.

"It's odd how under-discussed [cybersecurity] is when we talk about infrastructure," Lucas said.

  • "The challenge is not necessarily City Hall getting attacked, it's all the institutions that make up a city — the police department, banks, health systems — that all have different security companies working for them."

The irony: While having several different systems may seem inefficient, it disaggregates the risk, Cooper said.

  • "If you put all your eggs in one vendor's basket, if that vendor has a flaw, then everything that's touched by that vendor will be affected." she said.
  • "Just like you probably don't put all your money into one bank account, you probably shouldn't put all your security with one company," she said.

Between the lines: State and city governments are particularly vulnerable to attacks because it's well-known that public agencies often rely on outdated systems with less robust security defenses.

  • Stimulus funds flowing to states and municipalities could make them attractive targets for hackers.
  • While infrastructure funding is a big topic of conversation in Washington and states, it often comes in the form of grants for a specific purpose, like to repair roads or fix a bridge. Upgrading software and system security is often not thought of in the infrastructure category, and instead tackled separately every five or so years.
  • Prompted by the Colonial Pipeline crisis, the Biden administration issued an executive order last week to encourage data IT data sharing and implement stronger security standards. But it applies to federal agencies and contractors, not the local level.
  • A bipartisan group of House members is proposing to create a $500 million grant program for state and local government cybersecurity upgrades.

Companies that sell services to local governments are also attractive targets. In February, a ransomware attack hit widely used payment processor Automatic Funds Transfer Services.

  • The cybercrime operation known as "Cuba Ransomware" sold the stolen data, including personal addresses and other billing information, on the web, security site BleepingComputer reported.
  • The hack triggered data breach notifications from dozens of cities and agencies in California and Washington state.

Zoom in again: Last February, New Orleans was hit with a massive ransomware attack that crippled the city government. After the attack, the city weeded out old systems and machines, update files and install new software.

Then the pandemic hit, and the city had to quickly go fully remote — but it was ready.

  • "In that way, the cyber attack ended up being a huge blessing in disguise," said Liana Elliot, deputy chief of staff to Mayor LaToya Cantrell.

Upgrading its systems should have been done much sooner, Elliot said, but there was no money or political will — until the attack.

  • "Cities often can't do the things we need to do unless there's a crisis," she said.
  • New Orleans later upped its cyber insurance policy to $10 million.

What to watch: Ransomware groups are getting more hostile and are less likely to restore systems, even when they are paid the ransom, according to Accenture's latest report on cyber threats.

Go deeper

St. Pete's top mayoral candidates, in their element

Ken Welch with "Nala," his Harley, outside the Chattaway. Photo: Selene San Felice/Axios

St. Pete residents: Tomorrow is your last chance to cast a ballot for mayor. If you're still undecided, we sat down with the three leading candidates to see them in their element.

Ken Welch's life has revolved around wheels. He rides a Harley, he's driven for Uber, and now he wants to be in the driver's seat at St. Pete City Hall.

Who he is: Welch, fresh off of a 20-year run as a Pinellas County commissioner, is polling as the frontrunner among nine candidates for mayor. If he wins, he'd be the city's first Black mayor.

CCP releases two jailed Canadians after Huawei CFO deal with DOJ

Photo: Sheldon Cooper/SOPA Images/LightRocket via Getty Images

Two Canadians imprisoned by the Chinese government for over 1,000 days have been released and are expected to arrive in Canada on Saturday, Prime Minister Justin Trudeau said Friday.

Why it matters: Their release comes hours after Huawei Technologies CFO Meng Wanzhou reached a deal with the U.S. Department of Justice that resolves the criminal charges against her and could pave the way for her to return to China.

Updated 15 hours ago - Politics & Policy

Arizona GOP's private recount of 2020 election confirms Biden's win

Contractors working on behalf of the GOP examine and recount 2020 ballots at Arizona Veterans Memorial Coliseum in Phoenix in May. Photo: Courtney Pedroza/Getty Images

In an odd coda to the 2020 election, private contractors conducting a GOP-commissioned recount in Arizona confirmed President Biden’s win in Maricopa County.

Why it matters: The unofficial, party-driven recount has been heavily covered on cable news as part of former President Trump's continued effort to sow doubt about the election result.