Dresner Group Blog
3 Industries That are Facing Increased Ransomware Attacks
As Maryland businesses increase their reliance on technology, they have gained the attention of cyberhackers. The hackers are now holding networks hostage and demanding a ransom to release them. While any business can be a victim of a ransomware attack, there are currently three at-risk industries: hospitals, schools, and manufacturing. Here are tips to prevent ransomware attempts from succeeding.
Hospitals are the Main Targets of Ransomware Attacks Right Now
Hospitals and other medical institutions have always been targets of cyberattacks. However, traditionally these attacks were for the collection of patient data.
Patient data is valuable because it contains a wealth of information (social security numbers, credit information, and other personal identifiers), which can lead to identity theft in the hands of a bad actor. The HIPAA Journal predicts data breaches to cost the healthcare industry $4 billion in 2020 with next year shaping up to be worse.
As with most things related to the coronavirus, there is no end to the bad actors ready to take advantage of the chaos surrounding the crisis. In this case, the situation has become so dire that the Joint Cybersecurity Advisory has issued a warning to the healthcare and public health sectors about the dangers of ransomware attacks targeting medical facilities.
As many hospitals stagger under the weight of caring for COVID-19 patients, they are unfortunately having to choose between network security and expediency when engaging with patients. Cybercriminals know this and are willing to use this crisis to exploit and gain control of a hospital's digital operations and hold it for ransom.
Doing so, a hacker hopes they can disrupt the hospital’s operations and cause enough distress to extort the organization into paying them to release the data they have taken control of. As hospitals continue to be on the front lines, they are finding themselves increasingly under siege as ransomware attacks gain momentum.
Due to Their New Reliance on Remote Technology, Schools are Often Novices When it Comes to Security
As most industries are coping with the pandemic, school districts have turned to technology to continue to serve their students, via distance learning. Ironically, by increasing their reliance on technology, many school districts are now the targets of cybercriminals—hackers who have changed their MO and are currently seeking to disrupt the system to profit from it. Unlike previous attacks, this generation of cyberthreats isn't merely after data, but its control.
A cyberhacker's goal is to wrest control of the data from the school district, and in effect, lock them out of their systems. This translates to schools not providing instruction, placing students even further at risk of falling behind. With the pressure to continue to provide education essential to student success, an attacker who can disrupt the flow of information will wield considerable leverage. With leverage comes the ability to demand a ransom.
There was a recent ransomware attack that crippled the entire Baltimore County Public School system, resulting in students losing access to their learning materials and teachers, access to their students. At the time of this posting, the school system has not regained full control of their systems and has had to find alternative methods to provide distance learning to their students.
Manufacturers’ Growing Reliance on Automation Places Them at Great Risk
As we enter the next phase of the Internet of Things, and due to the pandemic, many manufacturers rely heavily on industrial internet of things (IIoT) to increase productivity via automation. Maryland industries have focused on automation as they enact social distancing recommendations or, unfortunately, enact layoffs. In the post-coronavirus environment, IIoT devices are valuable because they allow manufacturers to operate with a reduced on-site workforce.
As part of the industrial internet of things, these devices, as with any device which transmits data over the internet, are vulnerable to cyberattacks for a variety of reasons:
- Weak, guessable, or hard-coded passwords
- Inability to upgrade when vulnerabilities are discovered
- Insecure data transfer and storage protocols
- Unpatched embedded operating systems and software
When it comes to the damage a cybercriminal can cause if they gain access to their systems, manufacturers are somewhat unique from other industries. Besides client data being compromised, some other areas of risk are:
- Intellectual property can be stolen
- IIoT technology can be manipulated, resulting in damage to production
- Any other manufacturer connected to a compromised manufacturer are at risk of the same attack
For many manufacturers, their intellectual property is often the most significant asset they have. Moreover, losing control of their production line under IIoT devices' providence can place any company under incredible financial strain. These issues could break many businesses in normal times, let alone during these challenging times.
Cybercriminals recognize many organizations can't afford to lose control of their technology and would be willing to pay anything to regain control of it. The potential to gain profit from compromising client data, intellectual property, and production, all from one attack, is why manufacturers are a high-priority target for hackers.
For example, helicopter maker Kopter is the latest victim of a ransomware attack (as of this writing) as hackers have encrypted the company's files and are demanding payment to release them. The hackers released some confidential information on the Dark Web and promised to release it all unless they are contacted by Kopter, who, as of this writing, has refused.
Is Your Business Able to Survive a Ransomware Attack?
Don’t think because you’re not in one of the three industries currently under attack, you’re safe. Complacency is an ally of the cyber hacker and they count on businesses, particularly small and medium-size businesses to think that they are safe from attack. They’re not.
Many smaller businesses are simply easier targets with fewer security measures in place and more to lose.
Phishing attacks targeting Maryland businesses are increasing and the reality is—sooner or later—someone in your organization will click on the wrong link and expose your system to a cyberattack. While 24/7 monitoring, spam protection, and team security training can help reduce the number of successful malware attacks, it only takes one to place your business' survival at risk. The only way to take away the power a hacker has over you is to render the data they have taken control of worthless to them.
However, you can't do so if you have no copy of your data or the last copy you have is months out of date. If your backup data can't be retrieved because it's on the same system that has been infected and you're locked out, it's of no use to you. When considering your business' readiness for ransomware, you need to treat it the same way you would any other disaster and have a plan.
We can't emphasize enough how critical it is to your organization to have a backup and recovery (BDR) plan in place. You need to have a plan if you want to have a chance to protect your organization from a ransomware attack, or from something as mundane as a power outage.
Maryland Businesses: It's Time to Have a Disaster Plan
Whether your organization faces a natural disaster, human error, or falls victim to a bad actor attacking your network, Dresner Group can help. We're Maryland's leader in backup and recovery solutions. Not only can we offer your organization a solution that will work to protect your business from the trauma that typically accompanies a data loss event, we can also get you up and running as quickly as possible too.
Unsure if you need business continuity, data retrieval, or our full-service Disaster Recovery as a Service, call 410-531-6727 today to schedule an appointment. We will develop a customized BDR plan for your business. With our data protection in place, you don't have to pay a ransom to use your data.