It’s Halloween today, a few days after the recent Bad Rabbit ransomware attack that impacted Europe and scarred institutions and organizations throughout continent.  Like the goblins and ghouls of Halloween, ransomware strikes terror and fear into the hearts of people.  However, ransomware does not occur one-day in the year, it happens every day, all the time.  In fact, in 2017 ransomware has become a real nightmare.

The year 2017 has shown that cyber thieves have become more sophisticated and have increased their usage of ransomware tools that can be purchased over the dark web. A single attack in 2017 is believed to have launched more than 2 million attempted ransomware infiltrations every hour.  If we look back at the year, WannaCry, NotPetya and Bad Rabbit were the high profile attacks.  But throughout the year, there have been ongoing attacks and infiltrations impacting multiple verticals and industries.

Attacks on Verticals & Industries

Hospitals,  doctor’s offices, healthcare clinics and other healthcare facilities have been hit particularly hard.  HMO and hospital networks are favored targets of attack.  Hackers know this and use it to their advantage, realizing that medical facilities have greater incentives to pay a ransom to recover their systems and operations. Moreover, hospital networks are great targets because they operate all day, every day and are rarely taken down for maintenance and updating that would include patches for security holes. Hackers used these known gaps in medical facility networks to easily hone in on several major targets in 2017.

Federal institutions and other government agencies have become known as lucrative targets to hackers because they provide time-sensitive, integral services such as law enforcement, disaster relief and first aid responders.  Because these federal and state agencies often need to move quickly, they have an increased sense of urgency in recovering data and are more likely to respond to pressure to pay ransom. In the past year, there have been numerous examples of police department ransomware attacks. One instance involved a Texas law enforcement agency, where a ransomware attack led to the loss of eight-years of information. This attack impacted all their Microsoft Office Suite documents including Word documents and Excel files. The agency also lost corrupted body camera video, as well as some dashboard video, film of in-house surveillance, and some photographs that were stored on their server.

Energy & Utilities:
Energy and utility organizations have also been impacted by ransomware in 2017.  Although the WannaCry ransomware attack in June is associated with the National Health Service in the UK, a number of utility and energy organizations were impacted by the attack throughout the world. Utilities and energy based enterprises which keep critical data, and where team members need to make quick decisions thus remain prime ransomware targets.

Other At-Risk Sectors

Additional sectors that are prone to ransomware attacks include legal firms, HR teams and others.   What all these sectors have in common is that they have sensitive data. Whenever an organization has sensitive data, it is a prospect for attack.

Traditional perimeter defenses such as antivirus are not enough to block ransomware. The most effective way to mitigate the risk of ransomware is to prevent unknown applications from gaining the read, write and edit permissions needed to encrypt files. Proactive measures can be taken before a threat becomes reality.

Cynet 360 – Stopping the Nightmare

The Cynet 360 platform is a comprehensive cyber security solution which provides organizations with all the capabilities necessary to detect and remediate threats like ransomware – including previously unknown and zero-day threats. Using Cynet 360 provides full visibility throughout the organization, from endpoints, to user behavior, to network traffic and more. Organizations cannot afford to leave security to chance – and Cynet 360 gives you the power to keep the ransomware nightmare at bay.