Ransomware, ransomware… Everywhere.

Dealing with ransomware has become commonplace among IT departments.  “Ransomware” refers to a kind of malware in which criminals block access to computer resources (often by placing a lock on files), releasing them only when they receive ransom money from the victims.

Unfortunately, this is a very real problem that affects many different institutions every day, from school districts and colleges to hospitals, cities, and even counties. In 2015, ransomware cost victims upwards of $24 million. As you will see from the reports below, no one is completely safe from the threat of ransomware. Are you prepared?


Ransomware Threatens our Schools

In South Carolina, it was reported that Horry County School District had up to 60% of its computers frozen during a ransomware infection. The perpetrators asked for $10,000 in exchange for the files. They demanded that the money be sent through a service called Bitcoin, which makes tracing nearly impossible. Consequently, the FBI was able to provide little help and the district paid the ransom in full.

The district got its files back, but at no small cost. Imagine how that money could have been used to improve schools–I’ll bet there’s not a single employee or parent in that school district who couldn’t think of a better use for it.

Of course, individuals can also be targeted. For example, hundreds of Portland State University students received an e-mail containing a ransomware virus in March. At least one fell victim to the attack, paying $600 to save his dissertation (money that can’t have been easy to pull together given the heavy tuition costs that plague many students).

As you can see, ransomware criminals prey on those most prone to desperation in an attack, and they don’t care who it affects.

Ransomware Threatens Medical Patients

Unfortunately, hospitals are at an even greater risk of being targeted. This is because doctors rely on up-to-date records to ensure that their patients receive proper care–especially those in critical condition–so they are more liable to take drastic action.

In February, the Hollywood Presbyterian Medical Center of Los Angeles was targeted for a $17,000 ransom. Doctors could not access files for more than a week, meaning they could not easily obtain important documents like drug histories or surgery directives. For the sake of its patients, the hospital finally gave in, again paying the criminals through Bitcoin.

Ransomware Threatens our Cities

After a ransomware attack on police in Melrose, NY, officers couldn’t use their computers and had to resort to hand-writing reports, which cost them valuable time and led to the loss of important documents. In another case, this time in Plainfield, N.J., three of the city’s servers were locked for a ransom of 650 euros. When law enforcement got involved, the perpetrators disappeared. However, even after getting its systems back, the city was unable to retrieve some files.

Facing an Attack

Although ransomware has been an issue for more than a decade, there is still a lot of uncertainty surrounding it, and most IT staff just hope that they never have to deal with it.

Recovering from an attack is not an easy process. First, the infected machines have to be isolated so that the infection doesn’t spread. Next, they have to be cleaned. This often means restoring each machine from an image (if one exists) or wiping it and starting over. Finally, if backups exist for user data, that data can be placed back onto the machines. Unless your organization is well-practiced in cleaning/building/restoring, this process can take days or even weeks. Sometimes, as in the case of Plainfield, you will not be able to recover all of your data and you will continue to lose time as you scramble to accomplish tasks without it.

Again, ransomware is a growing problem as cyber criminals continue to use it to generate revenue.

Aside from applying technical solutions, have you adequately warned employees about e-mail attachments and safer surfing practices?  If not, it’s time you did.




