RANSOMWARE | 5 MIN READ
Ransomware attacks pose one of the biggest security threats to both individuals and businesses alike, showing no signs of slowing down as hackers grow increasingly savvy and confident in their abilities. Read more to see our consistently-updated timeline of some of the biggest ransomware attacks of 2020.
Not enough time? Jump to:
The world's biggest currency exchange company, Travelex, was the victim of a ransomware attack starting on New Year's Eve 2019. Their data was held hostage for $6 million, causing the company to go offline for weeks while they sorted out the situation.
The strain of ransomware responsible for the attack is reported to be Sodinokibi, also known as REvil.
RELATED: How Ransomware has Evolved
Richmond Community Schools, Michigan
Officials for Richmond Community Schools, located in Richmond, Michigan, returned back from winter break to find that cyber-criminals had seized control of their servers.
The hackers demanded a $10,000 Bitcoin ransom to return control of the affected servers, which impacted the functionality of telephones, copiers, office technology, and more. So far, Richmond officials have refused to pay the ransom, instead opting to close three schools for a week while they sort out the problem.
Contra Costa County, California
Hackers deployed ransomware to shut down the online network of 26 Contra Costa County library branches the morning of January 3rd. For a little while after the attack, library services such as book check-outs and returns weren't available. Even after restoring these services, the libraries' Wi-Fi and printing services remained down for a while.
Spokespeople for the library system said that since the library doesn't store sensitive financial information such as credit card numbers, they do not believe any personal information was compromised as a result of the attack.
Enloe Medical Center
Enloe Medical Center in Chico, California was hit by a ransomware attack in January of this year, affecting the phone systems of the hospital and clinic as well as the hospital's private network.
Representatives for Enloe do not think that any patient data has been compromised.
Although Tillamook County, located in northwestern Oregon, was hit by a ransomware attack in late January, they were still recovering their systems through early February.
Once the ransomware was deployed, the county’s server, internal computer systems and website were down. To contain the spread of malware, county computer network connections were disabled. Eventually, county officials voted unanimously to pay the cyber-criminals who deployed the ransomware money to recover their systems.
Tampa Bay Times
The Tampa Bay Times, a local news organization, was attacked by a strain of the popular Ryuk ransomware in late January. Thankfully, their systems were restored and they didn't have to pay the hackers any ransom to recover their systems.
The Ryuk ransomware has been making headlines since 2018, typically aiming for larger organizations that hackers can demand a sizable ransom from. This tactic, known “big game hunting” has earned Ryuk's creators and users more than an estimated $3 billion so far.
Electronic Warfare Associates
You may not be familiar with this company, but you may recognize some of their clients. Electronic Warfare Associates, a government contractor, has clients like the Department of Defense, the Department of Justice, and the Department of Homeland Security.
Right at the tail end of January, Electronic Warfare Associates' network was infected with a strain of ransomware that they have yet to disclose further details about.
Besides the big-name clients potentially affected, this particular ransomware attack is notable because although this company develops products like drone jammers and threat systems that are advanced enough to be used by the US government, they still could not keep hackers from attacking their network.
How Can I Stay Protected from Ransomware?
While you cannot with 100% certainty prevent a ransomware attack, there are steps you can take to lessen the odds that a hackers breaks into your system to install it.
Stay Current with Security Patches and Software Updates
Many people forget or push off updating their anti-virus software or upgrading their firewall.
While we know this process can be a nuisance, every day that you wait to update your cyber security infrastructure after new versions emerge leaves you more vulnerable to ransomware attacks.
If you are able to, enable auto-updates on all security software and schedule any updates for late at night when you're not using your computer.
Strengthen and Protect Your Passwords
Weak passwords are one of the easiest ways that a hacker can break into your network and install ransomware. Consider both strengthening your passwords and protecting where they're stored to better leverage your cyber security infrastructure.
A main focus of any password policy should be to limit how much you write down your passwords. Writing a password down anywhere leaves it susceptible to being found by hackers. If you have too many passwords to remember, consider a secure password-storing program such as MyGlue.
Create passwords that don't use easy-to-find information such as birthdays or your children's names. When creating a password, make sure it's long and complex. Additionally, install two-factor authentication on your devices if possible, seeing as it's a widely used secure method of protecting accounts.
Secure Your Copiers and Printers
Printers and copiers are an overlooked security risk. Whether you are a business who owns corporate machines or an individual with a home copier, there are risks associated with both types.
For instance, personal copiers can have a "print from anywhere" feature that lets you print documents to the copier even when you're away from the office. However, this "print from anywhere" feature has little security because it has to create a hole in your firewall to allow you to communicate with the machine from anywhere in the world. Turn this feature off if you have it.
If possible, consider upgrading to a newer copier or printer. Some newer models created within the last 5-6 years have data security kits that you can enable. These kits can have data encryption functions, which scramble the data stored on your copiers and printers, rendering the information useless to a hacker.
Additionally, on some newer models of brands like Canon and Sharp, data security kits might also have features that, when a document is scanned, copied, or printed, erase those documents from the hard drive sometimes as many as 28 times.
Consider Managed IT Services
If you are a business, especially if you do not have any in-house staff to manage your cyber security, the thought of instituting the changes described above can sound daunting.
Managed IT services can help put all of the above cyber security suggestions and more into action. Managed IT services layers your cyber security infrastructure and then employs a team of IT experts to address any threats or issues that pop up.
To take the burden of updating software off of you, a managed services provider can update all cyber security software for you and install necessary security patches.
Managed IT services can help you create a password policy and role-based security that works for your business too. In the event that a ransomware attack happens or your network goes down, they can reduce downtime by quickly recovering data due to their use of frequent and secure backups.
Ransomware attacks can happen anywhere and any time − are you prepared?
Posted by Erica Kastner
Erica Kastner is a lead Content Specialist at Standard Office Systems as well as a University of Georgia graduate. She aims to use her passion for problem-solving to help businesses understand how to better leverage their cyber security infrastructure.