The recent wave of ransomware attacks warrants a more in-depth look into this type of malware; it’s history and evolution, types, the most common medium of infection, prevention, and recovery. However, this is an extensive subject, and we’ll discuss it in a series.
But before I dive into these topics, and as a way of introduction, I want to illustrate what I mean when I write “the recent wave of ransomware attacks.” I think this is important because some people believe that talking extensively about situations that are threatening to society at large is a form of fearmongering. I, on the other hand, agree with Nancy Rainosek, Chief Information Security Officer of the Texas Department of Information Resources, statement that “Information security is everyone’s responsibility. From IT providers to end users, we all must remain vigilant and practice good cyber hygiene practices.”(1) With this in mind, through this series, I intend to round our knowledge about cybercrime, help us gain awareness about how infection happens, and promote cyber defense habits.
The attacks I am referring to are the ones reported by the more than 20 local government entities in Texas last August, and the very sad case reported by the Wall Street Journal in its article “Smaller Medical Providers Get Burned by Ransomware,” published on October 6th.
A RANSOMWARE ATTACK ON MORE THAN 20 LOCAL GOVERNMENT ENTITIES IN TEXAS
Last August 16th, more than 20 local government entities in Texas woke up to a ransomware demand. Fortunately, the Texas Department of Information Resources had a plan in place, and they were able to respond right away. Within hours, they began eradicating the malware at the most critically impacted sites, and a week later, they gave clearance for the remediation and recovery phases.
CAMPBELL COUNTY HEALTH OF GILLETTE, WYOMING
The unfortunate case of Campbell County Health in Wyoming forced the hospital to cancel services and transfer patients to other hospitals. Doctors went back to pen and paper as they documented medical conditions, and patients had to bring their prescription bottles to visits.(2) This attack was so pervasive that even some of their medical equipment was affected.
Although the attack became manifest on September 20th, the last update by the organization indicates their Respiratory Therapy and Sleep Center divisions remain closed.(3)
CONCLUSION
As history has shown, the sophistication of cybercrime will continue to evolve, and it is our responsibility to educate ourselves about it. Although I will discuss it in the “Ransomware: Mediums of Infection” installment, know that phishing is the most effective weapon for criminals. And this makes sense because just remember, how many times have you clicked in an email from your bank, insurance, or credit card companies?
Next time, I’ll tell you about the first documented ransomware case. And although monkeys had nothing to do with it, more than 20K AIDS researchers were infected through a quasi-prank by an American mad scientist.
This post is sponsored by SMB Networks, a company that provides Tech Support in New Haven and has more than 13 years of experience helping medical practices across Connecticut. Get your Cyber Defence Best Practices List to start protecting your business now.
1 – “Update on Texas Local Government Ransomware Attack.” Texas Department of Information Resources, September 5, 2019. https://dir.texas.gov/View-About-DIR/Article-Detail.aspx?id=213.
2 – Janofsky, Adam. “Smaller Medical Providers Get Burned by Ransomware.” The Wall Street Journal. Dow Jones & Company, October 6, 2019. https://www.wsj.com/articles/smaller-medical-providers-get-burned-by-ransomware-11570366801.
3 – “CCH Experienced a Ransomware Attack.” Campbell County Health. Campbell County Health, September 20, 2019. https://www.cchwyo.org/News/Press_Center/Health_News/2019/Service_Disruptions_at_CCH_no_ETA.aspx.