What's Happening?
A significant increase in ransomware attacks has been observed targeting small businesses and municipal organizations in the U.S. during the first half of 2025. According to cybersecurity firm Guardz, the frequency of cyberattacks on small businesses has nearly doubled compared to the previous year, with over 80% of these attacks focusing on credential theft. The accessibility of attack-as-a-service offerings on the dark web has enabled even inexperienced hackers to launch effective campaigns. Municipalities, such as the City of St. Paul, Minnesota, have also been affected, experiencing severe disruptions in public services due to coordinated cyberattacks. The city had to shut down its information systems, affecting Wi-Fi in public buildings and library services, although emergency services remained operational. The ransomware group Interlock claimed responsibility for the attack, leaking 43 gigabytes of stolen data. The city refused to pay the ransom and opted to restore data from backups.
Why It's Important?
The surge in ransomware attacks highlights the vulnerability of small businesses and municipal organizations, which often lack the robust cybersecurity defenses of larger enterprises. This trend poses significant risks to public services and the economy, as disruptions can lead to financial losses and compromised sensitive data. The attacks underscore the need for improved cybersecurity measures and proactive support from managed service providers (MSPs) to help these entities manage, detect, and respond to threats effectively. The situation also emphasizes the importance of public-private partnerships and investment in cybersecurity infrastructure to protect against future attacks.
What's Next?
In response to the growing threat, municipalities and small businesses are urged to audit their existing infrastructure to identify weaknesses and prioritize cybersecurity improvements. Immediate steps include ensuring systems are patched and updated, compartmentalizing systems to prevent the spread of incidents, and having a clear incident response plan. Cities are encouraged to consider public-private partnerships, reevaluate procurement processes, and prioritize attracting cybersecurity talent through fellowship programs. The Aspen Policy Academy continues to investigate the cyberattack related to a phishing scam targeting a business account, highlighting the need for ongoing vigilance and investment in cybersecurity.
Beyond the Headlines
The increasing frequency of ransomware attacks on small businesses and municipalities raises ethical and legal questions about data protection and privacy. The attacks highlight the need for stronger regulations and policies to safeguard sensitive information and ensure accountability for cybersecurity breaches. Additionally, the reliance on digital infrastructure for public services necessitates a cultural shift towards prioritizing cybersecurity as a critical component of governance and business operations.
