Emsisoft Blog: Ransomware cost US Local Governments $623 Million in 2021, but fewer incidents in 2022


Level 76
Thread author
Honorary Member
Top Poster
Content Creator
Apr 24, 2016
In 2021, ransomware actors once again caused the United States public sector hundreds of millions of dollars in downtime and damages.

Seventy-seven US state and municipal governments and agencies were impacted by ransomware in 2021, down from 113 in both of the previous two years. However, while the needle may have moved in the right direction in terms of incident rate, local government was still one of the groups most heavily impacted by ransomware in 2021 ranking second only to academia, according to the FBI.

The percentage of public bodies known to have paid ransoms decreased from 15% in 2020 to 2.5% in 2021. While this may seem like a positive, we consider the statistic unreliable due to ransom payments not necessarily being publicly disclosed or reported.

The financial impact of ransomware remains significant. There’s the cost of the ransom to consider, of course, but it’s the downtime – the disrupted services, lost time, remediation and recovery expenses – that really drives up the costs. The average ransomware incident costs $8.1 million and 287 days to recover, according to comments made by Winnebago County CIO Gus Genter in 2019. Using these figures, we can estimate that ransomware cost US state and local governments $623,700,000 in 2021.

Data was exfiltrated in at least 35 of the 77 incidents – including incidents involving police departments and a state attorney general – resulting in extremely sensitive information being released online.

Note: This report is based on the number of actual incidents, not the number of attempted attacks. The states with the highest volume of incidents aren’t necessarily the most heavily targeted; the agencies in these states may simply be more vulnerable to ransomware. While the numbers cited by Gus Genter are now be somewhat dated, we are unaware of a better estimate of the average cost in public sector ransomware incidents.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.