Ransomware attacks grew less common in both 2018 and thus far in 2019 when compared to 2017. Unfortunately, recent events have made it more likely that this trend will reverse in the near future. Why is that? Simple: some municipalities have set a precedent of paying up.
Let’s explore a hypothetical situation: a mouse asks you for a cookie. If you were to give this mouse a cookie, which do you think would be more likely: he says “Thanks!” and goes on his merry way, or he simply increases his demands of you until they are untenable? The latter is almost certainly going to be the case, and the same goes for cybercriminals.
It is no secret that holding valuable things for ransom has long been a choice tactic of criminals of all kinds, but via ransomware, cybercriminals have taken it into the digital world.
The way ransomware works is that, by infecting a device (frequently via phishing or spam), a cybercriminal is able to leverage encryption to lock down their target’s device and potentially the rest of the network the device is attached to. In order to maximize the efficacy of these attacks, cybercriminals will often leverage spear phishing tactics to minimize any suspicion surrounding the attack.
One of the other reasons that ransomware is taken so seriously is the fact that - despite the number of infections dropping - the FBI’s Internet Crime Complaint Center states that the damages experienced by targets have risen.
This is where the attacks on municipalities come into play.
In the early summer of 2019, two Florida cities, Lake City and the City of Riviera Beach, were effectively shut down by ransomware attacks. Indiana’s LaPorte county paid a ransom of about $130,000 worth when their domain controllers were infected by a ransomware known as Ryuk.
One of the primary reasons that municipalities and governments have been targeted by ransomware is the fact that insurance coverage is available for such attacks, meaning that there is less of a risk to municipalities in paying the ransom. As a result, these cities, towns, and counties have less to potentially lose, and are more inclined to just pay the ransom.
However, if your business is targeted, this is not a strategy that we can recommend.
To help minimize the risk of your data being lost to a ransomware attack, you need to make sure that you maintain up-to-date backups of your data that are kept isolated from the original copy. It is also crucial that these backups are tested, as the only thing worse than losing your data to a ransomware attack is losing your data to a ransomware attack after your backup failed.
Furthermore, you need to be sure that your employees remain educated on how to spot and avoid attacks like ransomware and phishing. Ideally, your employees won’t have more access to your systems than their roles require.
For more help and assistance in securing your IT, reach out to SMART Services at 586 258-0650.