Ransomware On the Rise & into Your Pockets

The first rule of a ransomware infection is “don’t pay that ransom!” Just recently, well-known companies like Garmin, Blackbaud and US travel agency CWT, as well as the Texas School District, have paid a ransom in order to regain access to their data. As recently as August 22nd, Canpar Express has also reportedly been hit by ransomware, as confirmed by the SANS Institute. So what is ransomware? Imagine someone gained access to your computer, kidnapped all your precious files and demanded a ransom before returning them. Except the files are still on your hard drive; they are just encrypted, and without a password you will not be able to access them. To get that password, you have to pay anywhere from hundreds to millions of dollars, in the form of Bitcoin, to anonymous bad actors on the internet.

Now imagine an attack on a hospital, where the critical IT infrastructure that the medical staff relies on to provide accurate patient care, as well as for analytics and billing, has been brought to a halt by ransomware that has spread to every single computer. Doctors can’t access patient files, surgery schedules are unavailable, and medication and dosage information, as well as the associated history, is just not there. This just became really dark: lives are now at risk and the hospital is liable. According to Modern Healthcare, Hackensack Meridian Health, a 17-hospital system within New Jersey, experienced an IT disruption due to a ransomware attack. As a result, non-emergency surgeries had to be rescheduled and all medical staff reverted to using paper while the IT system was down for two days. The healthcare conglomerate paid a ransom of an undisclosed amount. But the cost did not stop at the ransom. Additional costs were incurred for recovery efforts to bring the IT infrastructure back online, as well as for an investigation to verify whether sensitive patient data protected by compliance laws like HIPAA was exfiltrated by the hackers, usually to be sold on the dark web. An investigation of this nature can cost hundreds of thousands of dollars, possibly going into the millions. These attacks on healthcare facilities are ongoing and pervasive, and COVID-19 has emboldened ransomware attackers, who are using more malicious strategies and demanding larger ransoms. Comparitech reported that ransomware has cost US healthcare $157 million since 2016.

Ransomware is not limited to large companies. It also affects everyday users of personal laptops, PCs, and MacBooks and, before you ask, everyone is vulnerable to this kind of attack. Traditional antivirus is not capable of saving your machine from being infected, and the latest home router or firewall can also be bypassed with ease, depending on the vector used for the initial infection. Many times, the component that encrypts the machine’s hard drive rides on top of wormable or trojan malware that spreads to all computers running a certain operating system within the targeted network. Basically, once the malware is in your network, there is a very high chance that every single machine you have at home will be infected. According to The SSL Store’s Security Blog, the cost of ransomware is on the rise and is estimated to reach $20 billion by 2021.

It’s not all bleak and dark. There are steps that can be taken to protect yourself, and that starts with backing up your files periodically. This is a task that can be automated very easily, and options include backing up your data to the cloud via vendors like Dropbox and Google, to name a few. Another option is to keep an external drive that you back up your data to periodically, but this requires a more manual approach, as you don’t want this drive constantly connected to your computer or router. All in all, back up your data, back up your data and also, back up your data. Furthermore, try not to open suspicious emails or download illegal game cracks or generators, and don’t visit malicious websites that are full of JavaScript known to deliver payloads that detonate via your browser. Some extensions that are worthy of attention would be uBlock Origin, NoScript, and Ghostery. These are free extensions that are available on Chrome as well as Firefox. Malwarebytes Labs has a great article on the history and types of ransomware, which can be viewed at blog.malwarebytes.com/threats/ransomware.
