The Recent Surge of Ransomware & how it Affects you

Lately, there has been much talk in the news about large organizations getting hit with ransomware attacks. Whether it was Colonial Pipeline, CNA Financial, or JBS Foods, ransomware attacks are surging and starting to affect our lives.

            According to data from BlackFog’s the State of Ransomware in 2021 report, ransomware is up 63% year over year. On top of that demands are increasing as much as 171% from previous years, for an average of $314,000.  

            These ransomware attacks are not just targeting large, international organizations. Wentworth Golf and Country Club, a small golf club was hit with an attack in January that compromised member data. Tennessee Wesleyan University had to shut down remote learning for a period of time and university officials had to ask students and staff to not use university systems. Buffalo public schools also shut down virtual classrooms after a ransomware attack affected technologies across the entire district. The University of California and The University of Maryland were also cybercrime victims in 2021 as well.

            The education sector has been hit particularly hard with ransomware this year. There have been 21 known ransomware attacks hitting US educational facilities in the last 5 months. However, checking in right behind the education sector with 20 known attacks in 2021 is government facilities.

            Yuba County in California was a ransomware victim in February when hackers encrypted critical data and demanded payment to unlock it. The City of Lawrence in Massachusetts had all of its computers disabled, and then hackers were able to gain access to the cities fire and police department systems. The Illinois Attorney General Office was hacked and data about state prisoners and their cases were leaked on the dark web.            

            Let’s take a look at just how much ransomware has increased compared to 2020, and what industries are getting hit the hardest.

You can see from the data that cyberattacks are up from last year already. In the first five months of 2020, there were 75 known cyber attacks. In the first five months of 2021, we are already at 120 attacks, for an increase of 63%. This is an alarming trend for any organization that would be facing any significant downtime in the event of a hack.

Now lets take a look at where these attacks are landing, and what industries are getting hit the hardest.

             The government, Education, and the Services industry are clearly getting hit the hardest. You may be wondering why that is. The answer lies in the data. Seriously.

             Hackers’ favorite targets are those that hold a lot of private citizens’ data. Places like government facilities, healthcare centers, and services like Amazon prime or grocery delivery services. It is important to remember that the reason they hacked you is to get money. Their first goal is to get you to pay the ransom to retrieve your data, but if you refuse, their second objective is to have as much personal data as possible to sell on the dark web.

How you can prevent ransomware

The best response to the recent surge of ransomware is a great defense. Backing up data is a best practice that is implemented by almost every successful organization. But did you know that your backups should be stored in a separate location from your originals? Offsite or cloud backups are becoming more and more popular because of the range of protection they provide. Whether your office gets hit with a ransomware attack, or a natural disaster (i.e. Fire, Tornado, etc.) your data is safely secured offsite and can easily be accessed.

It is also important to make sure you aren’t leaving any doors open for hackers to get in. Ensure that your applications and systems are updated with the most recent patches. Having a quality firewall and anti-spam/phishing software in place can help close a lot of potential openings for hackers to get in.

However, the most important aspect of your cyber defense plan is what we at Current Technologies like to call, the human firewall. Training your employees to identify and respond to phishing attempts in the correct way is going to save you the most in the long run. KnowBe4 is a great tool that provides training on the latest trends in cybersecurity to employees. KnowBe4 also allows management to simulate phishing attacks and test personnel on their cybersecurity awareness. They boast the world’s largest online library of security awareness training content.

You’ve been hit… what to do now

The hackers seem to have won, for the time being at least. But just because they are in your system doesn’t mean you have to give up the fight. Industry experts argue about what your next steps should be, but there is a consensus agreement that first and foremost, you should NOT pay the ransom. Paying hackers ransom only encourages and funds their illegal activities. Remember, these people are criminals, even if you pay the ransom there is no way to guarantee the return of your data. There have even been instances where an organization paid the ransom, got their data back, and was then hacked again by the same group.

After swearing to yourself that these hackers aren’t going to beat you, your next step should be to isolate the infected computer from your network. Find the patient zero computer and remove it from wireless, Bluetooth, and any other potential networking capabilities. Disconnect any other potentially infected devices and remove them from any shared networks. If possible, it is a good idea to place all infected technologies in a central area and clearly label why the technology isn’t in use anymore.

It is critical that you identify the infected technologies and begin damage control immediately. Ransomware can lock down files in a single computer in just a few minutes, and spread throughout the network not long after. This is why identifying infected technologies and removing them from your network quickly is key.

Once infected devices have been removed, if you have good, offsite backups, you shouldn’t lose any critical data. Ensure that your backup data is secured and offline. If possible, it is a good idea to scan your backup data with an antivirus program to be sure it is free of malware.

The best defense is still prevention. Ransomware attacks can often be avoided by having employees that are trained in identifying ransomware delivery tactics and reporting them. Current Technologies excels in the prevention of ransomware. We are partnered with companies that can help you every step of the way from identifying ransomware tactics, firewalls, antispam, data backup and protection, and data recovery. If the recent wave of ransomware has you questioning your defense, please fill out the form below for a quick and free cybersecurity evaluation. Our engineers can take a look at your entire system and give you recommendations to help avoid a ransomware disaster.