[RWSB] 2016-09 - Ransomware & Soft Targets
We are seeing an upward swing in the number of ransomware attacks. Ransomware is one of the nastiest kinds of malware on the market, and hackers are taking advantage of soft targets such as hospitals and non-military government agencies. These targets do not have the high-end backup systems to prevent the need to pay the ransom, so they are forced to pay thousands to anonymous hackers.
A few weeks ago, we discussed a ransomware attack on a US hospital in California that was forced to pay a $17,000 ransom to attackers to get their data back. The same has happened to two German hospitals â€“ one of which was able to sustain the attack and only lost a few hours of data due to good backup policies.
Both Lukas Hospital and Klinikum Arnsberg Hospital were attacked by ransomware through email systems. Lukas was able to detect the malware quickly. It reports that suspicious popups on employee workstations and slow network bandwidth prompted IT professionals to look into the issue and quickly stop the malware from spreading. Lukas Hospital was able to mainly recover from backups, but they still have no email services.
Klinikum Arnsberg was also hit with the same circumstances. The email was sent to employees that opened attachments laced with a trojan that then downloaded the ransomware to one of their local servers. IT staff was able to quarantine the ransomware and recover any lost data from backups.
Ransomware creators target these systems due to the low chance of backups and recovery. Individuals were originally the target, because they have a low chance of having any type of backup system in place. Because bigger targets have even more sensitive data, ransomware creators are targeting them for their propensity to pay for their recovery. Many large targets cannot afford to lose data.
With these attacks increasing in popularity, the need for good backup systems is also increasing. With the right backups, most organizations can survive these attacks without significant data loss.