Ransomware operators have learned in recent years that attacks tightly targeting large corporations and national infrastructures yield much more profit than en masse attacks on random endpoints. At the same time, many of these large infrastructures still rely on unpatched, or even unpatchable, legacy systems that are highly vulnerable to cyber-attacks.
When victims are left without a choice
In the last couple of years, ransomware families like WannaCry, NotPetya, GandCrab, Ryuk, SamSam and, more recently, LockerGoga, have inflicted tens of billions of dollars of damage worldwide, crippling businesses and critical infrastructures alike.
A recent example is the attack on a county in Utah, where officials resorted to paying ransom in Bitcoin to regain access to their systems and data. The type of ransomware used in the attack is unknown, and it is believed operators encrypted not just the county’s live data but also the backups, leaving them no choice but to pay and hope to get back what was theirs. In this instance, the attackers stuck to their end of the deal, so Garfield County was lucky. However, paying the ransom doesn’t always yield the decryption keys from the attacker, either because:
…and the list could go on.
By targeting healthcare facilities – another emerging trend in recent years – attackers again press management and IT administrators hard to consider paying ransom. The reason is simple: freezing a medical center’s operations puts lives at risk and patient health history could be lost forever. The most recent example comes from the United States, in Battle Creek, Michigan, where a doctor’s office closed shop after a ransomware incident. A concerned mother was left scrambling for options to ensure her daughter got the necessary treatment, when it was discovered she required a follow-up intervention after an infection post-surgery. While this medical practice chose not to pay the ransom (for reasons still not entirely clear), many others have, to avoid further damages and maybe even bankruptcy.