Ransomware targets 621 government offices, hospitals and colleges in US


In this 21st century, the whole world is transforming from manual to digital phase, so is the cyber-attacks and sophisticated hacking, which are increasing day-by-day. Recently it was revealed that 621 government entities, healthcare service providers and school districts, colleges as well as universities were attacked by ransomware in US.

All these attacks happened in the first nine months of 2019, topping the current trends in the world of hacking that include attacks via MSPs, bigger ransom demand, cyber insurance and email and Remote Desktop Protocol (RDP).

At this point of time, cybercriminals are targeting software commonly used by MSPs and other third-party service providers said Emsisoft and explained that in such cases multiple customers of the MSP or service provider can be simultaneously hit. It happened in the case of ransomware attacks on 22 Texas towns.

Emsisoft also revealed in the blog post that the average ransom demand has continued to increase in 2019 and insured entities may be more likely to pay demands which result in ransomware being profitable than it otherwise would be and lead to further attacks.

Email and RDP continue to be the attack vectors of choice, the post mentioned while adding that "The latter is vulnerable to ransomware via exploitation on unpatched systems, misconfigured security settings and brute force attacks on weak login credentials."

At least 68 US states, counties and municipal entities have been impacted since the beginning of the year.

These cyber-attacks includes Ryuk attack on Lake City after which $460,000 ransom demand was covered by an insurance policy subject to a $10,000 deductible, Baltimore ransomware attack after what attackers demanded $76,000 and New Bedford ransomware attack where cybercriminals demanded $5.3 million.

Educational institutions also faced a massive cyber threat since the beginning of 2019. The blog post mentioned that there were 62 incidents involving school districts and other educational establishments, which potentially impacted operations of almost 1,051 schools, colleges and universities. These cyber-attacks include targets like Rockville Centre School District, Louisiana public schools and Moses Lake School District.

Health care industry has always been the favourites of the hackers. Recently two Canadian hospitals also reported cyberattack incidents.

It should be mentioned that the hackers "understand that healthcare providers are often more inclined to pay the ransom as failure to do so may result in data loss that could potentially put lives at risk," said the post.

There were a total of 491 ransomware attacks on healthcare providers in US, including Park DuValle Community Health Center, PerCSoft and Campbell County Health.

Fabian Wosar, CTO at Emsisoft said, "There is no reason to believe that attacks will become less frequent in the near future," adding that "Organizations have a very simple choice to make: prepare now or pay later."

He also told IBTimes Singapore that "Given that mass-attacks via third parties are becoming increasingly common, organizations not only need to pay attention to their own security but to the security of their MSP and other service providers too. RDP needs to be locked down, strong passwords used and 2FA/MFA enabled on all remote access solutions."

However, the post mentioned that it is high time now to improve coordination and communication channels between the private sector and law enforcement agencies which would help to ensure that impacted entities are aware of the availability of potential solutions and workarounds which may help minimize recovery costs.

This article was first published on October 1, 2019
Related topics : Ransomware