Ransomware on the Rise

Written by: Chase Langhorne, Esq. 

Ransomware attacks are plaguing businesses all over the world and, unfortunately, show no signs of slowing down. The scenario goes something like this: you come into work, pour a cup of coffee, go to check your email and nothing seems to work. You cannot open your email, nor any files on your computer. Slowly people start walking the halls asking if you are having the same problem. Soon it’s noon and no one in the office has done any work. Your network has been hit with ransomware and you are dead in the water.

This is an increasing reality for many businesses, government institutions, and even individuals. Ransomware is a common term in the information technology world, and is becoming more of a household name. Ransomware is a form of malicious software placed on a computer or network that encrypts files such that users are prevented from accessing their system or files until a ransom is paid. Ransomware can infiltrate a system, among other ways, via a phishing e-mail or  an unsecure network portal. The only way to decrypt these files is with a key known only to the hacker who placed the software in your environment. The ransom demanded by the hackers to obtain the decryption key ranges from one hundred dollars to millions of dollars, with the average demand reaching nearly $13,000. However, some organizations are not getting off that easily.

Specifically, municipal organizations such as cities, public schools, and police forces are being targeted as of late. The demands for such organizations can be over $500,000. These attacks are crippling some to the point that they are being forced to return to using paper to conduct business.

However, there are some measures organizations can take to be prepared for a ransomware attack. Many commercial insurance providers offer cybersecurity insurance policies which, depending on the policy, could cover costs associated with a ransomware attack such as legal fees, IT forensic investigations, and even the cost of the ransom. Internally, it is a good practice to regularly update your organization’s policies and procedures and provide training to ensure your entire team has the most up to date information on the ways hackers are attempting to access your systems.

There are multiple reasons it benefits organizations to have these preventive systems in place. Not only will it help you continue business as usual and avoid a potentially embarrassing public relations event, but there are many federal and state laws that carry liability for organizations that do not take adequate measures to protect personal data. While many ransomware variants only encrypt files and do not exfiltrate, there are variants designed to exfiltrate data from your network, which could cause disastrous legal consequences. For example, if you are a medical practice and a hacker now has copies of patient files, there are huge liability concerns at both the state and federal levels. it is a good practice to regularly update your organization’s policies and procedures and provide training to ensure your entire team has the most up to date information on the ways hackers are attempting to access your systems.

On a personal level, hackers are beginning to target individuals in their personal lives, outside of work. There is a new variant of ransomware targeting devices running the Android operating system and attacking via SMS messaging. This variant is sending malicious links disguised as legitimate links that will lock down your mobile device until you pay the ransom. It is likely that these more “personal” attacks are only going to increase.

Taking steps to shore up your network security and also taking the extra few seconds to verify all links in messages can be time consuming, but they are crucial to ensuring security of personal data.