Ransomware attacks are on the rise as more cyber criminals see the lucrative advantages of targeting businesses' networks. As a Managed Service Provider, we aim to use our ransomware expertise to educate the public on emerging trends. Keep reading to learn about some of the worst ransomware attacks of 2021 so you can see developing attack patterns and learn how to avoid becoming a victim.
What is Ransomware?
Ransomware is exactly what it sounds like: a form of malware (also known as malicious software) that encrypts personal or company data and holds it for ransom. Once a victim's data is encrypted, hackers threaten to publish, destroy or sell the information on the dark web if their monetary demands are not met.
Ransomware is typically spread through phishing schemes or direct hacking of a company's network. Phishing schemes allow a hacker to trick a victim into providing personal information such as account logins, which can then be used to hack their network.
Biggest Ransomware Attacks of 2021
Paper and packaging giant WestRock Co. was hit with ransomware at the tail end of January that impacted certain aspects of its operational and IT systems.
Certain locations with subsequent technology issues stemming from the attack temporarily had to use alternative methods to process and ship orders.
Victor Central Schools, New York
In late January, the Victor Central School System servers were compromised by a ransomware attack that encrypted a variety of files and systems, including aspects of their Windows Active Directory.
Thankfully, district representatives stated that student and staff data as well as financial data weren't compromised.
Notable Case: City of Oldsmar, Florida Water Treatment Plant
Though this case was more of a cyber breach than a ransomware attack, it made enough news headlines that it was necessary to include it in this article.
In early February, a water treatment plant in Oldsmar, Florida was hacked by an unknown party who then attempted to poison the water supply by raising the levels of sodium hydroxide. Thankfully, workers at the plant remedied the problem before the adjusted sodium hydroxide levels could take effect.
The hacker likely breached the system by taking advantage of outdated network infrastructure. This attack signals an increased need for cyber security in government computer systems.
Automatic Funds Transfer Services (AFTS)
Automatic Funds Transfer Services (AFTS) is a payment processing and address verification system utilized by many US cities and agencies. The ransomware attack that was carried out on their network negatively impacted website and payment processing functionality.
This ransomware attack is significant because of its potential impact on consumer data, seeing as AFTS' network houses large amounts of sensitive data such as billing information.
CD Projekt Red
Video game developer CD Projekt Red, most famously known for its video game Cyberpunk 2077, was the victim of a ransomware attack in early February.
The attackers say they stole business information like investor relations, human resources, and accounting data. The hackers threatened to publish the game's source code unless the company paid the ransom, a threat which the company fought back against by refusing to pay.
The attack came at an interesting time for the company, seeing that just months earlier, the release of Cyberpunk 2077 was widely criticized for its bugs and other performance issues. This attack forced the company to release patches to update the game and restore consumer confidence.
Kia Motors America
Kia suffered a devastating ransomware attack from the DoppelPaymer variant in which the hackers demanded a ransom of over $20 million.
The attack caused widespread network outages that affected everything from their mobile UVO Link apps to payment systems and internal sites used by dealerships.
The hackers state that they attacked Hyundai Motor America, Kia's parent company. However, Hyundai does not appear to be affected by this attack.
Underwriters Laboratories LLC
UL LLC, better known as Underwriters Laboratories, the largest safety certification company in the United States, was hit with a ransomware attack that encrypted its servers and caused the company to shut down certain systems while they recovered.
The company declined to pay the ransom, instead opting to recover their systems internally.
How to Prevent Ransomware Attacks
Stay Current with Security Patches and Software Updates
Many people forget or push off updating their anti-virus software or upgrading their firewall.
While we know this process can be a nuisance, every day that you wait to update your cyber security infrastructure after new versions emerge leaves you more vulnerable to ransomware attacks.
If you are able to, enable auto-updates on all security software and schedule any updates for late at night when you're not using your computer.
Educate Employees About Cyber Security
While our computers and security software are built to be perfect, humans aren't. Employee cyber security errors are one of the most common ways that hackers gain access to your network and deploy ransomware.
Employees should be trained on cyber security best practices, such as how to create a secure password and how to recognize and avoid phishing emails.
A main focus of any password policy should be to limit how much you write down your passwords. Writing a password down anywhere leaves it susceptible to being found by hackers. If you have too many passwords to remember, consider a secure password-storing program such as MyGlue.
Create passwords that don't use easy-to-find information such as birthdays or your children's names. When creating a password, make sure it's long and complex. Additionally, enable two-factor authentication on your devices if possible, seeing as it's a widely used secure method of protecting accounts.
Phishing emails are another common vector by which hackers deploy ransomware on a victim's network. By training employees on phishing email red flags, such as urgent language and oddly formatted email addresses, one can reduce the chances of an employee falling for a phishing scheme.
Secure Your Copiers and Printers
Printers and copiers are an overlooked security risk. Whether you are a business that owns corporate machines or an individual with a home copier, there are risks associated with both types.
For instance, personal copiers can have a "print from anywhere" feature that lets you print documents to the copier even when you're away from the office. However, this "print from anywhere" feature has little security because it has to create a hole in your firewall to allow you to communicate with the machine from anywhere in the world. Turn this feature off if you have it.
If possible, consider upgrading to a newer copier or printer. Some newer models created within the last 5-6 years have data security kits that you can enable. These kits can have data encryption functions, which scramble the data stored on your copiers and printers, rendering the information useless to a hacker.
Additionally, on some newer models of brands like Canon and Sharp, data security kits might also have features that, when a document is scanned, copied, or printed, erase those documents from the hard drive, sometimes as many as 28 times.
Consider Managed IT Services
If you are a business, especially if you do not have any in-house staff to manage your cyber security, the thought of instituting the changes described above can sound daunting.
Managed IT services can help put all of the above cyber security suggestions and more into action. A managed IT services provider layers your cyber security infrastructure and then employs a team of IT experts to address any threats or issues that pop up.
To take the burden of updating software off of you, a managed services provider can update all cyber security software for you and install necessary security patches.
Managed IT services can help you create a password policy and role-based security that works for your business too. In the event that a ransomware attack happens or your network goes down, they can reduce downtime by quickly recovering data due to their use of frequent and secure backups.
As a Managed Service Provider, we use industry-leading tactics to secure clients' networks and prevent ransomware attacks. We hope our expertise taught you how to help prevent a ransomware attack on your business!
Posted by Erica Kastner
Erica Kastner is a lead Marketing Specialist at Standard Office Systems as well as a University of Georgia graduate. She aims to use her passion for problem-solving to help businesses understand how to better leverage their network infrastructure.