2019: Looking back: Cyber5. The Ransomware Menace
Experts say that 2019 should be declared the Year of Ransomware Escalation. The increasing number of attacks and the move by perpetrators to target large companies and public institutions in the United States and abroad is a turning point in the evolution of this digital form of blackmail.
Experts say that 2019 should be declared the Year of Ransomware Escalation. The increasing number of attacks and the move by perpetrators to target large companies and public institutions in the United States and abroad is a turning point in the evolution of this digital form of blackmail. The volume of ransomware attacks has been on the decline in 2018, but it appears that hackers were only refining code, performing recon in networks, and preparing for the biggest ransomware attacks since the worldwide Wannacry attacks of 2017.
In all, 82 cities and municipalities to publicly report being struck by ransomware in 2019.
Among the notable ransomware attacks:
· On 7 May, the city of Baltimore suffered a ransomware attack which infected city servers across multiple offices. The attackers demanded $72,000 in bitcoin to remove the malware, which Baltimore refused to pay.
· Later in May, Riviera Beach and Lake City, Florida were the first this year to report they had paid a six-figure ransom. Following attacks in May these small municipalities, made up of mostly retirees, had little recourse but to pay hackers. Riviera Beach paid $600,000 to decrypt communications systems and city servers.
· On 17 August, twenty-two towns and cities in Texas were attacked simultaneously. One victim, the Graham County Police Department revealed they had received a $5 million ransom demand, the largest demand up to that point, and the second highest demand all year.
Cities and municipalities were not to only victims of ransomware attacks
· By 1 December, 19 MSPs (managed service providers) had fallen victim to file and network encrypting malware in a series of one-to-many attacks that continues to reach hundreds of customers. Among the victims: Doctors, dentists, lawyers, accountants, payment processors, real-estate agencies, and more.
· By 1 December, a total of 72 US school districts have fallen victim to ransomware, impacting 867 individual schools and over 10,000 students.
State governments were victims of ransomware attacks, too.
· Louisiana declared a state of emergency twice in 2019, in July and in November.
· In Georgia, 30 Magistrate Courts and 23 Municipal Courts were victims of ransomware attacks. Seventeen probate courts were also impacted.
Healthcare organizations were also targeted by ransomware attacks in 2019. As of December, 43 healthcare organizations across the country have publicly reported attacks. The healthcare industry also holds the dubious honor of experiencing the largest ransom demand of the year—$14million—when Virtual Care Provider, Inc. of Milwaukee, Wisconsin was struck in November.
