Ransomware: What You Should Know About the Latest Attacks

Ransomware is a multi-cloud problem for organizations of all sizes, especially small and medium-sized businesses (SMBs), which have become a new favorite target for cybercriminals. A couple of the latest attacks have highlighted the increasing need for SMBs to take proper precautions to better protect themselves against malicious software infiltrating networks across the country.

Ransomware attacks aren’t going away anytime soon. There was a 363 percent year-over-year increase in ransomware attacks during the first half of the year, according to a Malwarebytes report, which explored the evolution of ransomware attacks. Businesses are taking note of the nasty threat.

Nearly 90 percent of companies consider ransomware a critical threat to their businesses. According to a report on how IT executives are implementing disaster recovery (DR) throughout their organizations, many companies have recently experienced DR events caused by ransomware attacks.

Published by Datrium, a multi-cloud data platform company, the report, titled “State of Enterprise Data Resiliency and Disaster Recovery 2019,” found that more than 36 percent of businesses that have experienced a DR event in the past year identified ransomware as the primary cause of the incident.

Here are a couple of the latest ransomware events in the news you should know about if you want to stay up to date on what’s been happening in the cybersecurity threat landscape.

Cybercriminals attack Louisiana’s state servers, again

Louisiana recently fell victim to a ransomware attack, which interrupted several services across the state, but no data was compromised in the cyberattack.

The attack impacted several state services being used by agencies at the time — including email, websites, and other applications — but it didn’t directly interrupt services, according to Louisiana Governor John Bel Edwards, who tweeted about the incident numerous times. The state directly caused the service interruption by shutting down some of its servers to prevent infection.

In response to the attack, the state activated its cybersecurity team. The state’s Office of Technology Services (OTS), which oversees the team, confirmed that the attack was similar to the ransomware that was targeting school districts and government entities in the U.S. this past summer.

The state didn’t pay the ransom demanded by the cybercriminals.

Many cybersecurity professionals and government agencies, including the FBI, advise against entities complying with ransom demands. One of the main reasons why is that it’s not guaranteed an organization will regain access to its data after paying the ransom requested by the hacker.

Louisiana has been through this before. Ransomware hit three school districts in the state over the summer.

Russian hackers hold IT provider’s data hostage

Even IT providers are having a difficult time preventing ransomware attacks.

The Cybersecurity and Infrastructure Security Agency (CISA) in October 2018 issued a warning about the increasing number of cyberattacks on IT service providers. Instead of gaining access to a single company’s network, cybercriminals can infiltrate many networks when successfully attacking IT services providers. These targets have access to customer data that they can easily exploit.

For example, hackers recently launched a ransomware strain inside a Milwaukee-based IT provider’s networks; this malicious act affected more than 80,000 computers in 45 states across the country.

The cybercriminals demanded $14 million from the company, Virtual Care Provider Inc. (VCPI), which provides IT support and services for long-term post-acute care, in exchange for a digital key needed to unlock access to the files; at the time of the attack, VCPI couldn’t afford to pay the ransom.

The attack impacted facilities under VCPI’s jurisdiction differently. Some locations couldn’t gain access to patient records, pay employees, or order medications.

Ransomware attacks are evolving. The best way to stay on top of what’s going on in the space is by paying close attention to how the latest types of ransomware attacks are impacting businesses, local school districts, and health care providers. Staying informed helps with preventing future attacks.

About the Author: