On July 5th, 2017, disaster struck a series of hospital networks in Michigan. Caro Community Hospital, Caro Medical Clinic and Caro Quick Care all lost access to not only their desktop and laptop computers, but also phones, email services and even patient records. A message on a computer screen confirmed administrators’ worst fears—They were a victim of ransomware.
According to Caro CEO, Marc Augsburger, the ransom note provided a single email address to use to determine the payment required to recover the locked data. The hacker specified a payment of $120,000 should be made in Bitcoin!
Instead of paying the hacker, hospital administrators decided to quickly shut down all electronics following the attack. This caused a great deal of disruption, but the damage was mitigated due to IT policies and procedures that were already in place. Hospital staff were well trained on keeping paper-based records in the event that such an incident occurred. All computers and other devices were also backed up remotely on a regular basis, so it was only a matter of time before Caro could get its systems back up and running.
What made this ransomware attack so unique was the extent of the machines affected.
Traditional ransomware strategies seem to be one of quantity over quality. The files on a single infected machine are quickly encrypted, and the ransom is typically a few hundred dollars. This particular strain didn’t just affect servers, computers and other devices, everything connected to the Caro network was affected, including the VoIP phone systems that were operated by those computers.
Make no mistake—The disruption was absolutely a bad thing, but the situation could have been far worse were it not for these policies. They also helped guarantee that no personal information of employees or patients was compromised during the attack.
It took nearly two weeks to get all hospital operations back up and running. Caro administrators contacted both the FBI and the local police in the immediate aftermath, both of which are still searching for the person or people responsible. The FBI indicated that this was a brand-new strain of ransomware, and one that they would continue to watch out for in the future.
The State of Malware
As the Caro hospital staff discovered, ransomware is the “latest trend” in terms of cyberattacks. To say that the digital world is getting more dangerous is something of an understatement:
- There were 22 million new malware samples in the first quarter of 2017 alone.
- A new malware specimen is emerging every 4.2 seconds, a pace that’s getting faster all the time. To put this into perspective, there were only about 6.8 new malware samples discovered in the entirety of 2016.
- In 2015, attacks occurred at a rate of about 1,000 per day. Fast-forward just a year later, and that number climbed to about 4,000 per day – an increase of 300%!
- The number of phishing emails is also on the rise. In the first quarter of 2016, 92% of phishing emails contained some form of ransomware. Just a few months later, that number grew to 97.25%.
Learning as much about ransomware and other forms of malware is the key to ensure your organization doesn’t suffer the same fate.
If you had to make a list of the worst cybersecurity threats facing businesses today, it’s this particular strain of malware that can encrypt all of the files on a computer and network. This means that every kilobyte of data on a machine is lost forever, unless you’re willing to pay a hefty fee to the criminal holding your data hostage.
According to a study conducted by Friedrich-Alexander University, most of these attacks are successful because of overconfident users. 78% of people claim to be aware of the risks associated with clicking on unknown links in emails, and of phishing in general—Yet they go on to click on these links anyway.
Because ransomware infections are most often the result of accidentally downloading a malicious file, many assume it’s a situation where a little common sense goes a long way. Recent events have proven this isn’t enough.
As a business leader, it’s important for you to understand that ransomware is just one of the many types of digital threats that should concern you. Hackers are getting more sophisticated all the time, and the key to staying protected involves making an effort to stay one step ahead of them. Cybersecurity training for your employees is essential.
If you’re in Omaha and would like to find out more about cybersecurity issues, OR if you’re interested in cybersecurity training for your staff, please don’t delay—Contact InfiNet Solutions at [email protected] or (402) 895-. 5777