Ransomware is on the rise. Until recently, ransomware used to be a crime targeted at consumers and small businesses. Cybercriminals who carry out these attacks have become more confident in their abilities and have elevated their game to take down some of the biggest companies in the world. It only takes hackers six minutes to compromise an organization, 60% of the time. Ransomware is not industry specific, meaning no one is safe. Like any other types of crime, ransomware has been responsible for a multitude of high-profile crimes. There are many infamous attacks documented, but I would like to focus on three high-profile cases.
Horry County Schools
Horry County Schools in South Carolina was brought to a screeching halt due to ransomware. Earlier this year hackers gained access to the school district’s network through an outdated server. The attack locked computers that contained sensitive intellectual property and lesson plans. Teachers in the school district had to create new lesson plans and Wi-Fi was shut off at some of the schools as a precaution. At first, the school district stated they would not pay the ransom for the decryption key. This decision was later reversed and the school district paid out nearly US$10K in Bitcoins. The attackers are believed to be from a country outside the United States. Currently, the FBI is investigating this crime.
Hollywood Presbyterian Medical Center
Ransomware can even bring a hospital to its knees. This past February the Hollywood Presbyterian Medical Center in Los Angeles found this out the hard way. The attack locked computers and encrypted patient information. Routine medical practices such as CT scans were unavailable, and patients were sent to other medical centers for their scans. Doctors and nurses resorted to pen and paper to keep track of what was going on because no computer access was allowed. The stakes were particularly high in this attack because critical (and sensitive) patient data was hijacked. The hackers used this to their advantage and demanded a US$3.6 million ransom. The cybercriminals eventually reduced the ransom and Hollywood Presbyterian Medical Center ended up paying US$17,000 in Bitcoins in exchange for the decryption key. The FBI is investigating this attack as well.
Sony Pictures Entertainment
Perhaps the most infamous cyberattack was the hack on Sony Pictures over the film “The Interview,” a comedy centering around two American spies trying to assassinate the leader of North Korea. Sony Pictures received an email threatening terrorist attacks at cinemas if the film was screened. This attack also included the leaking of unreleased Sony films, portions of films scripts, 47,000 Social Security numbers, and employee emails discussing anything from Angelina Jolie to the James Bond film script “Spectre.”
Is your data backed up and is it restorable?
The FBI has estimated that cybercriminals have collected US$209 million in Q1 2016 alone, on pace for a $1 billion year and up from US$23 million in all of 2015.That said, if a business, or its users, have an appropriate data backup plan in place the consequences of these attacks can be minimized. Organizations need to be asking themselves, “In the event of a ransomware attack, is our data restorable?” Threat detections and anti-virus software are not going to protect you from these sophisticated cyberattacks. Your data must be backed up and it must be restorable to a point in time prior to the ransomware attack! Learn how Mozy can help.