Ransomware, the super pesky and problematic plague of the internet, continued its destructive and time-sucking path of thievery in 2018. As a form of malware that locks up and encrypts a user’s files and demands bitcoin for their safe return, ransomware can significantly impact your wallet and your productivity. Ransomware is generally introduced through a successful phishing scam, where a hacker tricks you into clicking on a fraudulent link or downloading a file containing the malware.
While the sheer volume of ransomware actually went down last year, there were several high-profile examples which shed additional light on just how dangerous this threat can be. Below are three lessons the technology community learned regarding ransomware in 2018 that prove how important proper ransomware prevention truly is for just about every business and organization.
Lesson #1: The Recovery Costs are Astronomical
When it comes to ransomware, many people only think about the cost of the ransom demand and not other factors that can cause the associated costs to climb. In March 2017, the Pennsylvania Senate Democratic Caucus was hit with a ransomware attack that shut down their computer systems for an entire day. While the demand to unlock the systems came in around $30,000 USD, Pennsylvania Senate officials opted to ignore the demand and rebuild all their systems from scratch. The ensuing system rebuild from Microsoft ended up costing the Senate Democrats $700,000…whoops.
In a similar issue, the City of Atlanta paid nearly $17 million to restore their systems after a March ransomware attack shut down their systems. These extremely high recovery costs may have been prevented with proper prevention, such as online Cloud backups and a working disaster recovery plan. While costly and painful, these attacks serve as a lesson to every business on just how expensive cyber attacks can be.
Lesson #2: Hackers are Smart…Real Smart
One of the scary things about cybercriminals is that many of them are pretty darn intelligent. Last month, a new form of ransomware known as Virobot emerged that made ransomware even scarier. Virobot ransomware is a triple threat attack that acts as ransomware, a botnet, and keylogger all in one. First, this attack will take on normal ransomware responsibilities by locking up all your files, and then continues to cause problems by emailing everyone on your Outlook contact list to infect even more machines. To make matters worse, this attack also acts as a keylogger, which means that it records your keystrokes in order to steal valuable information such as banking credentials and other private passwords.
Lesson #3: Hackers are Opportunistic Jerks
After natural disasters such as floods, tornados, earthquakes, and hurricanes, it is common for shady tricksters to emerge, hoping to make a profit off someone else’s misfortune. Recently a town still recovering from Hurricane Florence, which ravaged a large portion of the southeast US coast, faced another kind of attack. The Onslow Water and Sewer Authority of Jacksonville, North Carolina, was struck by a ransomware attack that quickly spread across their systems. With more than 15,000 people in the area depending on the utility provider for water, this was a problem that needed to be dealt with quickly.
In 2018, there was a rise in hackers targeting municipalities, cities, and utility providers in the hopes that they will be more likely to quickly pay the ransomware. While many smaller cities have opted to pay the ransom, larger municipalities and utility providers often refuse to pay the demand.
Again, this is an important lesson in having proper backups and a strong disaster recovery plan in place. Even for small businesses, early detection and proper planning can stop these types of attacks from causing too much damage.
Worried about ransomware? Reach out to our IT Services Division to discuss how our portfolio of security services can help.