Taxpayers Oppose Local Governments Paying Hackers in Ransomware Attacks

IBM Security announced results of a new study that explores taxpayers' point-of-view on ransomware in the wake of growing attacks against cities. The survey, conducted by Morning Consult, highlights that nearly 80% of citizens surveyed across the United States are increasingly worried about ransomware attacks on cities, yet more than half are still hesitant to have city governments put forth the funds to fight off hackers or implement cybersecurity defenses to help protect against attacks in the first place.

The study findings explore the extent to which U.S. citizens understand the severity of ransomware attacks, what they're willing to contribute from their tax dollars, how they feel government leaders are handling the issue, and how they prioritize the services that are being targeted during attacks. With the FBI reporting nearly 1,500 ransomware attacks in 2018 alone, and more than 50 cities and government entities impacted by ransomware attacks in 2019 so far, preparation for these threats remains critical. The results illustrate a divide between surveyed taxpayer's expectations and public official's resources, creating a challenge for local and state governments combating and managing the threat of ransomware.

The study was compiled based on the responses of 2,200 US citizens spanning various city sizes, ages, incomes, political views, and more. Taxpayers see ransomware as a threat to their personal data and their city's data. 75% of respondents expressed concern around ransomware threats to their personal data, while nearly 80% fear ransomware's impact on cities across the U.S. Nearly 60% of surveyed are against their local governments using tax dollars to pay ransoms.

Taxpayers would rather see ransomware play out than pay up. More than 60% of respondents would prefer their city to deal with the larger recovery costs rather than use tax dollars to pay ransom in a ransomware attack Just under half of responding citizens believe protecting cities from ransomware is the federal government's job, above state and local decision makers and nearly 90% of U.S. citizens are in favor of increasing federal funding to improve cybersecurity in cities.

While citizens are most likely to support payment of ransoms for services they see as critical, the services they do not consider critical are surprising. More than 30% wouldn't support payment of any amount to assist 911 emergency services, police departments, and school systems if they were targeted by a cyberattack. Even those who were willing to pay to restore critical emergency services were, in many cases, often only willing to do so if the cost ran below $50,000. Nearly 40% of respondents specifically noted they wouldn't pay anything to assist K-12 public schools or police departments.

The IBM survey found that U.S. citizens seem to be looking to the federal government for leadership when it comes to handling the issue of ransomware. While attacks are primarily being seen at the local government level, almost half of respondents consider ransomware to be the federal government's job.

Additionally, citizens are much more willing to see the federal government pay to implement better cybersecurity, rather than pulling from their own local tax dollars. Nearly 90% are in favor of increasing federal funding for local governments to improve cybersecurity. And for those who have already been hit by these attacks, more than three-quarters of responding citizens believe the federal government should be reimbursing those cities who continue to be crippled by the aftermath of their attacks.