How Real is a Ransomware Attack Threat?

May 22, 2017

“Have you heard about the lonesome loser? He’s a loser but he still keeps on trying!” The Little River Band made these lyrics famous in 1979. But as great a song as that was, today I want to talk about data loss and how we keep trying and keep losing the battle.

The FBI has recently warned that ransomware attacks against hospitals, schools, government agencies, police departments, businesses and individuals are dramatically increasing. In fact, during 2015 the average number of ransomware attacks on US businesses was between 23,000 and 35,000 per month. In March of 2016 alone there were more than 56,000 attacks. This dramatic spike occurred at the same time the ransomware virus Locky came on the scene. Since the debut of Locky the number of attacks have continued to increase.

Ransomware is a type of virus that once installed on your computer locks and encrypts your data. Cybercriminals who send it threaten to destroy your files unless you pay a ransom.

In February 2017, a ransomware attack on a 4-office pediatric clinic in San Antonio, Texas also created a data breach of over 55,000 records. Can you imagine the cost of this breach? Let me help with that. According to the Ponemon Institute, a research organization located in Traverse City, Michigan, the average cost paid for each lost or stolen record resulting from a data breach in 2016 was $158. That is a direct cost of approximately $8.7 million. Think about what it would cost to update security, provide additional training for staff members, offer identity theft coverage to the individuals whose records were lost, possible fines associated with HIPPA, and, not least of all, paying the ransom.

Steve Weisman, a journalist with USA Today, wrote an article about ransomware in which he advices, after communicating with FBI specialists, that paying the ransom is rarely a good idea. Instead, he lists four actions we should take to protect ourselves against ransomware:

1. Avoid clicking links until you know they are legitimate

2. Use security software programs and make sure they are constantly up-to-date

3. Use application “whitelisting” which will only allow specific programs to run on your computer

4. Backup your data regularly.

Ransomware is not going away. The Ponemon Institute report states they expect nearly half of all business owners will fall under a ransomware attack in the future. Half! How often do you win a coin toss?

For more information on protecting yourself against ransomware, be sure to call your specialists at Advanced Computer Solutions.

Rusty Jones

ACS Staff Writer

Ransomware Causes Pediatric Group Data Breach, 55,000 Patient Records Ransomware

A four-site pediatric practice serving the San Antonio metropolitan area was hit with a CrySiS ransomware attack, and is offering 55,447 patients identity and credit protection services from Equifax Personal Solutions. The practice became aware of the attack on February 6, when an employee discovered malware that began encrypting servers. The encryption was slowed down by existing antivirus software, but had penetrated the network, and the practice’s IT vendor took all servers and computers offline. CrySiS is targeting US healthcare orgs, using brute force attacks via Remote Desktop Protocol (RDP). Here is a recent blog post with best practices to prevent these types of RDP attacks: https://blog.knowbe4.com/samas-ransomware-deletes-your-veeam-backups