It's 2020 and ransomware attacks continue to grow!
This post is originally written for Theta432. You can access it here.
Ransomware attacks have continued to grow and the year 2020 is no different.Almost all the businesses and individuals can be a target. The most vulnerable to a ransomware attack are Healthcare, Governments, Educational Institutes, Financial institutes, Public Infrastructure, Retail, HR Departments, etc.,
First 15 days of 2020 have already seen some ransomware attacks across many different type of targets. Here are a few
- Ransomware forces a US-regulated maritime facility off for 30 hours. The US coast guard revealed the attack and did not disclose the name or location of the facility. Cameras, door access control, and monitoring systems at the site were affected. The officials suspect that the ransomware was sent through an email link and an employee clicked it open.
- Enloe Medical Center in California had a ransomware attack and was forced to postpone a few procedures. Staff was unable to access the patient information as the data had been encrypted by the ransomware. They were able to restore the phone system after a few days. More than two weeks since the attack Enloe continues to care for patients under EHR downtime procedures.
- ?Contra Costa County in California is hit by a ransomware attack. 26 community libraries got affected by the attack. According to sources, the affected servers have been taken offline. No wifi and printing is available at the branches. They could restore some services like checking out and returning books.
- ?Richmond Community schools were forced to shut due to a ransomware attack. Students of Richmond community Schools had a reason to smile, they had extended Christmas holidays due to a ransomware attack. But the school staff is frowning as the attackers have demanded a ransom of $10000 to be paid in bitcoins. The attack took down several systems like Classroom Technology, Telephones, Copiers, etc.,
These are few of the attacks which we know of. There may have been a lot many attacks on smaller organisations and individuals. There seems to be no end to these attacks.
Letus understand what a ransomware is!
Ransomware is a malicious software which is mostly sent through an email. When the recipient opens the email and clicks on the link provided in it,the malware starts encrypting the data on the system and makes the system useless without the decryption key. A ransom note is displayed on the screen with the details of where to send the ransom in order to get the decryption key. The ransom is demanded mostly in the form of bitcoins. Once the ransom is paid, the attacker sends over the decryption key. It's another story that some keys work and some don't.
Well I said some keys don't work right!
Yes that's true. Many people who have paid ransom have never got a key and even when they got one, it did not work. That's one compelling reason we must not pay ransom. ?
So what do we do when our systems are encrypted by a ransomware??
Try your luck at NoMore Ransom! There are a lot of other tools also and a lot of vendors also, but recovery is all up to your luck.?
How do we defeat ransomware??
The best strategy to counter a ransomware is to have a robust backup policy. A good back up plan with a Disaster Recovery (DR) system will save you the pain of going through all the above pain. The system can be up and running in a few minutes.
Theta432 can help you in defeating the ransomware menace.
Authored by
Basheer Ahmed Khan
Director of Operations, India