In a blog post, which took in attacks during the first two calendar quarters, the company, which specialises in ransomware research, said the trend reversal could be due to the fact that employees were now returning to their offices. Else, it could be the normal seasonal spike.
In 2019, Emsisoft released a report about attacks on US public sector bodies wherein it said that at least 948 government agencies healthcare providers and educational establishments being hit at a cost estimated to be about US$7.5 billion.
This year, at least 131 federal healthcare providers and educational establishments had taken a hit from various Windows ransomware packages, the company said. The breakdown by month was: January – 39. February – 38, March – 12, April – 10, May – 15, and June – 14.
Forty-one hospitals and healthcare providers were hit; the breakdown was January – 10, February – 16, March – 3, April – 3, May – 4, and June – 5.
And 30 school districts and other educational organisations made up the remainder with the breakdown being January – 10, February – 12, March – 2, April – 2 and May – 4. There were no attacks in June.
The blog post pointed out that studies by academics and also audits had shown time and again that the US public sector had poor cyber security practices.
Emsisoft chief technology officer Fabian Wosar said: "[The year] 2020 need not be a repeat of 2019. Proper levels of investment in people, processes and IT would result in significantly fewer ransomware incidents and those incidents which did occur would be less severe, less disruptive and less costly.”
In March, Emsisoft announced that it had partnered with incident response company Coveware to offer free assistance to critical care hospitals and other healthcare providers who are on the front lines of tackling the coronavirus pandemic and suffer a Windows ransomware attack.