It’s not only for-profit businesses, either. Police stations, hospitals, and even local governments have found themselves the newest victim in this trend in cyber attacks. Many of these instances have made international headlines and led to the FBI issuing a special report.
Let’s dig deeper into some of the high-profile ransomware attacks that you may not have heard about.
In 2014, the City of Detroit found itself in trouble from a surprising problem. One of its databases had become encrypted by ransomware, and the hacker was demanding $800,000 in order to restore access to the encrypted database.
Detroit declined to pay the ransom, saying that the data encrypted was outdated and not useful.
After the ransomware incident, the City of Detroit mentions that it took procedures to harden the security around its resources in order to prevent any such occurrence happening again and possibly finding its way into a database that would actually be integral to the government’s basic functions.
When an unassuming detective opened a seemingly innocuous e-mail attachment, the Melrose Police Department rapidly found itself dealing with a ransomware attack. The small police department, located in Massachusetts, ended up having no choice but to pay the $489 ransom (paid via Bitcoin) in order to retrieve essential case-related data.
“It’s evil, but it’s pretty ingenious,” said Jorge Pazos, the Information Technology Director of the Melrose Police Department.
MedStar operates a network of hospitals in Maryland. In 2016, this important regional healthcare provider confirmed that 10 hospitals in its network were dealing with a ransomware infection.
MedStar claims that it did not pay the ransom and that all systems have been restored to full health. MedStar says that early reports of a flaw in Its JBOSS server are incorrect. Afterwards, the healthcare provider has declined to reveal the root cause of the ransomware outbreak.
The Chinese Government inadvertently hosted a website that infected its visitors using the Angler exploit kit. Once vulnerable PCs visited the government department website, the ransomware virus proceeded to encrypt the hard drive of the unsuspecting user.
This attack is notable because it is the first known instance of a ransomware infection being served from a “.gov” domain. National governments are often considered to have more complete network security than businesses or residences, so seeing a national government dealing with such an infection is especially alarming for the general public.
The UK Inquirer reports that a UK Parliament member had their PC infected with the popular Cryptowall strain of ransomware. The Inquirer goes on to say that hackers demanded an unreasonable amount of money and it was unclear whether or not the Parliament paid the ransom.
The Inquirer confirms that data on the infected PC contained confidential memos vital to government business.
In New Zealand, the Whanganui District Health Board is one of the largest healthcare providers in the region. In 2016, the health district board confirmed that it had been infected with the Locky variant of ransomware.
Barry Morris, the ICT Manager at the health board, told the New Zealand Herald that his IT team had contained the Locky outbreak and swiftly provided access to the locked files using backups. The New Zealand-based health board mentioned that it did not pay the ransom.
Arguably the most high-profile ransomware attack of all time, the incident that happened at Hollywood Presbyterian Medical Center in Southern California involved the hospital being forced to pay $17,000 in ransomware fees in order to regain control of their files.
The LA Times reports that the hospital was able to maintain operations during the time it was locked out of its own network by going back to an old-fashioned “everything on paper” system, essentially operating on a disaster recovery scenario until the hacker released their essential data back to them after payment.
Methodist Hospital in Henderson, Kentucky recently displayed a red banner on their website alerting patrons that their IT crew was battling a ransomware infection. The Kentucky hospital was being asked to pay a $1,600 ransom.
Leaders at the hospital said that they would only pay the fee unless it was absolutely necessary.
Initial reports suggest that the Locky ransomware virus infected the hospital through a spam email message. Locky is a tricky infection because it uses Microsoft Office’s macro feature in order execute its attack. New flavors of Locky will allegedly encrypt UNC paths on a target PC, making the new strains especially hard to contain.
Methodist Hospital spokespeople have since declared that the hospital was able to successfully fend off the attack without paying the ransom.
Your organization, whether it’s a nonprofit, a startup, a small business, or a large enterprise, deserves high-tech security delivered by experienced professionals dedicated to keeping your information secure. At BACS, we provide Security Services to organizations within many different industries. Whether you’re looking for data backup, disaster recovery services, or are interested in closing the loopholes in your current network security system, we’re here to help! To learn more about the security services we offer, give us a call today at (650) 887-4601 or contact us online at any time!
Published on 11th July 2016 by James Berger.