Trends in Ransomware: Cybercrime is on the Rise

“A recent survey of IT providers revealed that payment did not unlock the files of their clients in about 25% of the cases…”

It would be comforting to know that our emergency services were secure from cyberattack, but it would also be naïve. A game-changer in the cybercrime business has been ransomware. Simply defined, ransomware is a category of malicious software (“malware”) that encrypts or locks data and holds it hostage until the user pays a ransom to unlock it.

Ransomware attacks are increasing at an alarming rate—a fact that all too many businesses have learned the hard way. Cyber-criminals have become emboldened in the age of anonymous crypto-currency such as Bitcoin. On March 7, I attended the Brandon Chamber of Commerce’s Synergy Luncheon, where the guest speaker was FBI Special Agent AJ Gilman. Special Agent Gilman has been working in cybersecurity for the past 18 years. He stated that he expects that ransomware attacks will continue to rise in 2017.

Recent evidence states that the network infrastructures of our police departments and hospitals are ill-prepared for these attacks. A few recent examples in the last year include:

March 2016: Ransomware-encrypted medical data was spread across three hospitals in Southern California. Hackers demanded $17,000 for the encryption key. The LA Times article stated that they did not pay the ransom, but some operations were disrupted due to computer downtime during the attack.
August 2016: A computer server at the Susan M. Hughes Surgery Center in New Jersey and Philadelphia was attacked and had ransomware installed.
January 2017: Police in Cockrell Hill, TX, admitted to losing 8 years’ worth of evidence in a ransomware attack. Also, as outlined in this article by my good friend and colleague Stephen Owsinski, 70% of the surveillance camera DVRs for the Washington, D.C. Metro PD were also infected with ransomware.
February, 2017: Roxana (IL) Police Department suffered a ransomware attack that shut down their computers for over a week.

Prosecuting cyber-criminals is difficult, if not impossible. This is not a crime that is being committed by teenagers getting their kicks in their parents’ basements. This is being committed by citizens of other countries, multi-national corporations, and—per Agent Gilman—at least a few members of the Chinese military. Even if the confidentiality provided by cyber-currency wasn’t a factor, jurisdictional boundaries and diplomatic roadblocks would still severely limit the ability of our law enforcement to bring the perpetrators to justice.

What Can Be Done

Think of ransomware as a business model. Protect your network so you don’t have to pay the ransom. Not only does it further fund and encourage the criminals, it does nothing to clear the malware from your server and desktops. This could cause a recurrence of the attack a few weeks or months down the road. In addition, there are no guarantees that those who hold your data hostage are going to release the data after you pay. A recent survey of IT providers revealed that payment did not unlock the files of their clients in about 25% of the cases.

The best way to beat these cyber-criminals is to build our networks so that the ransom will never have to be paid. A holistic approach that combines these seven best practices can help you defend against ransomware:

Education: All your employees must know what the threats are, how they are delivered, and how to best prevent getting infected. The most secure networks can be bypassed by one click on the wrong email or by inserting a USB that was found lying around your office.
Firewall: A hardware firewall that is properly configured can block threats from entering and isolate threats from spreading across the network.
Spam Filter: 92% of malware, including ransomware, is delivered via phishing emails. Phishing emails are mass emails sent out disguised as a popular company or group with hopes that someone, anyone, will click on them. Spear phishing emails specifically target your organization and may appear to come from someone within your company. Either of these types of emails will usually try to get you to click on a hyperlink or attachment.
Security Patches: Software security patches must be completed immediately. In many cases, these patches are designed to defend against vulnerabilities that have been discovered on your server or desktop software. Failing to patch leaves these vulnerabilities open for hackers to exploit. Also, make sure that any computers that are using unsupported software (such as Windows XP) are removed from your network.
Antivirus and Anti-Malware: Having one of these but not the other is never sufficient. In both cases, a version that updates itself regularly (usually daily) and automates the scans is necessary. For business usage, a quick scan should be completed every 4 hours and a full scan every 24 hours.
Policies and Procedures: A policy on cybersecurity should minimize personal usage on work computers and limit personal devices from being connected to the office network. This is to ensure that only devices that are fully up to date with patches and your security software are connected to your network.
Backup: Having an on-site backup only is insufficient. Copying infected files to your backup device only guarantees that the infection remains on the network. A cloud-based backup system that is capable of fast recovery can be expensive but is well worth the price. Additionally, many companies offer virtualization of your server. In the case of a ransomware attack, you could run your office from a virtual backup of your files until you can get the server restored and cleaned of any malware.

Defending against cybercrime can seem expensive, but failing to do so could be even more costly. Ransom payments could be funding the enemies of our country or criminal enterprises around the world. It is tempting to pay when faced with the loss of your data and extended downtime, but a little investment in your network and your employees could go a long way toward defending against these attacks.

David Thornton is an OpsLens Contributor and retired law enforcement officer.

To contact or book OpsLens contributors on your program or utilize our staff for your story, contact [email protected].

David Thornton

David Thornton is a retired law enforcement officer. He currently owns and operates "A Better Choice Network Solutions" where he helps business owners secure their data against cyber-attack in the Tampa Bay Area.

WND

Will Christianity be deciding factor between Trump and Biden?
Joe Biden says he's a practicing Catholic, attending Mass and such. Of course, he's deliberately and ostentatiously thumbed his nose for years at multiple teachings of the church, including on abortion. President Donald Trump, on the other hand, makes no flamboyant claims to church membership. But what he did as president was simply take multiple… […]
Trump declines to testify as his lawyers rest their case
(POLITICO) -- Donald Trump didn’t take the stand after all. His defense lawyers rested their case Tuesday after calling just two witnesses — a sharp contrast to prosecutors’ weekslong effort to convince the jury that the former president conspired to cover up a hush money payment to a porn star. The trial now enters its… […]
'People's magic number to retire comfortably has exploded to an all-time high'
By Will Kessler Daily Caller News Foundation The average amount that Americans said that they would need to “comfortably” retire has surged to $1.46 million as inflation continues to push up prices, a survey released Monday shows. The estimate for 2024 is 15% higher than last year and more than 50% higher than what people… […]
Did top university break federal law by failing to report crimes amid anti-Israel protests?
[Editor's note: This story originally was published by The Daily Signal.] By Tony Kinnett The Daily Signal Northwestern University may have violated a federal law by failing to report crimes on campus at least five times during recent anti-Israel protests. Northwestern appears to have violated a U.S. law called the Clery Act by not taking… […]
'Thrilled': Major pharmacy chain settles with Christian nurse over contraceptives case
By Kate Anderson Daily Caller News Foundation CVS Health Corporation settled with nurse practitioner Robyn Strader after she sued the company after it stopped providing religious accommodations regarding “pregnancy prevention services.” Strader said she had been granted a religious exemption for six years permitting her to not prescribe contraceptives, and filed the lawsuit in January… […]
Congress wants report on judge's role in weaponizing courts against Trump
It apparently is not just bureaucrats, functionaries and prosecutors involved in the weaponization of the government against President Donald Trump. That agenda has been obvious in recent months as multiple state and federal cases have been launched against him, sometimes as in the "hush money" case on trial in New York now the allegations are… […]
'Stark tilt': Federal scholarships biased against conservatives
An audit has revealed a scholarship program handing out federal funds to students exhibits a bias against conservatives, and now members of Congress are wanting an explanation from those who hand out the cash. It involves the awards from the Harry S. Truman Scholarship Foundation, set up some 50 years ago to give awards to… […]
'Additional action is critical': Cyberattacks targeting water utilities more frequent and severe
By Nick Pope Daily Caller News Foundation Cyberattacks targeting water utilities and their infrastructure are growing more in frequency and intensity, the Biden administration warned Monday. The Environmental Protection Agency (EPA) issued the warning, asserting that private and state-backed actors from countries including China, Iran and Russia are ramping up their efforts to interfere with… […]
'Nancy Pelosi Fellowship' will use over $1 million in tax dollars to diversify U.S. diplomats
By Robert Schmad Daily Caller News Foundation The Biden administration is set to spend roughly $1.6 million on a program named after former Democratic House Speaker Nancy Pelosi aimed at making America’s diplomats more racially diverse. The State Department’s “Nancy Pelosi Fellowship Program” seeks to support “the Department’s goal of cultivating a workforce that reflects… […]
WATCH: FDIC rocked by sexual harassment, now chairman takes serious action
By Harold Hutchison Daily Caller News Foundation Martin Gruenberg, the chairman of the Federal Deposit Insurance Corporation (FDIC), announced Monday he would resign following an external probe into workplace harassment and misconduct. Gruenberg tendered his resignation Monday after the release of the report, according to the New York Post. The report from Cleary, Gottlieb, Steen… […]