Ransomware has caused losses of $7.5 billion in the US in 2019
If you always thought that Ransomeware only affected personal files on the consumer computer, then you have it all wrong. Imagine a Ransomware taking over a hospital computer, and it locks down access to patients’ data? It has happened for real, and the hospital had to redirect Emergency patients to other hospitals. Emsisoft has released an updated report on the state of Ransomware and how it impacted the United States in 2019.
While everything else can be restored, but if anything impacts healthcare, it could be a matter of death and life for someone. Imagine surgery had to be delayed because the tests and other data which were available online had been blocked or wholly lost because of the Ransomware. Here are the complete details:
911 services were interrupted.
Dispatch centers had to rely on printed maps and paper logs to keep track of emergency responders in the field.
Police were locked out of background check systems and unable to access details about criminal histories or active warrants.
Surveillance systems went offline.
Badge scanners and building access systems ceased to work.
Jail doors could not be remotely opened.
Schools could not access data about students’ medications or allergies.
Its time that Government, Healthcare sectors start taking Ransomeware seriously. 2020 cannot be different, and it may only get worse. Not only it is a good idea to take real-time back, but if they are using Windows, its time to enable Controlled Folder access.
Why did it happen?
Ransomware incidents increased sharply in 2019 due to organizations’ existing security weaknesses and the development of increasingly sophisticated attack mechanisms specifically designed to exploit those weaknesses. Combined, these factors created a near-perfect storm. In previous years, organizations with substandard security often escaped unpunished; in 2019, far more were made to pay the price, both figuratively and literally, says Emsisoft.
They are not acting responsibly. That’s how I would put it. Since it will cost money, and if I can find a loophole in the law, I would choose to skip it, so save some extra bucks. Honestly, Viruses and Malwares are easy to handle, but not Ransomeware. They can even corrupt backup files if they are not protected.
According to a report issued by the State Auditor of Mississippi in October 2019 stated these were the reasons.
Disregard for cybersecurity in State government
No security policy plan or disaster recovery plan in place
No place for performing legally mandated risk assessments
Sensitive information is not encrypted.
Most of the respondents did not comply fully with the Enterprise Security Program.
Remember, Security is not simple. Either you protect entirely it, or you don’t. A loophole in the security will leave you unnoticed for an extended period. Imagine a Ransomeware which keeps locking your backup copy in the background. You only get to know when you need it, and you have no option because you never checked the backup or tested it.
What is even surprising that governments are failing to implement necessary and well-established best practices. In the US, a lot of data is online, including healthcare. They must be aware that they will always be a target, and backup might not work all the time.
The total cost because of the Ransomware attack in terms of money was estimated at $8.1 million, and 287 days to recover.
Anand Khanse is the Admin of TheWindowsClub.com, a 10-year Microsoft MVP Awardee in Windows (2006-16) & a Windows Insider MVP. He enjoys following and reporting Microsoft news and developments in the world of Personal Computing & Social Media.