The recent rash of successful ransomware attacks against municipalities, state and local government, and school districts is bad for organizations and great for cybercriminals.
In August of this year, security vendor Armor identified 17 organizations – most of them school districts – that were successfully attacked by Ryuk and other ransomware families in just 11 days. Now, 17 attacks in 11 days sounds miniscule in a world where we talk about hundreds of thousands of new malware variants. But we’re not talking about ransomware attacks that impact a few endpoints; one of the victims, the Rockville Center School District, was asked for a ransom of $176,000, negotiating it down to $88,000.
In the last year we’ve seen both a concerted effort to target municipalities, schools, and other “softer” targets that have less security in place than an enterprise organization, as well as an increase in the attempted scope of an attack to include as much (if not every part) of an organization’s network.
So, the cybercriminals behind these attacks are having a great year – plenty of victims, huge attack scopes, and lots of money pouring in. With ransomware estimated to have a global damage cost to organizations $11.5 billion in 2019, according to analyst firm Cybersecurity Ventures, this is a problem that will continue to plague any organization that does not have ample security in place.
Most organizations focus on solutions used to secure the logical perimeter, email, and the endpoint. While important, users also need to be taught to act as part of your security strategy through Security Awareness Training. Without teaching users how to identify suspicious phishing campaigns or social engineering scams, any malicious content that makes its way past your security defenses will be clicked on, potentially causing the next big ransomware attack.