Before, getting hit by a worm or adware was a cause of concern. But today, you’d be fortunate if you only get infected by these less-dangerous malware. Malware and viruses have developed over the years, and they have become much more dangerous and problematic to deal with.
One of the most dangerous viruses on the cyberspace today is the ransomware, and it is victimizing government agencies, businesses, and normal internet users. Because of ransomware, cybercriminals are filling their pockets with millions of dollars.
What Makes Ransomware so Dangerous?
Ransomware is a high-level cybersecurity threat that takes a user’s files hostage. It uses a hard-to-crack encryption algorithm that can be decrypted using a unique key that the hackers have access to. And users need to pay a large sum of money just to get their files back.
That’s not the most dangerous part: it’s the growing trend of victims paying criminals for their files back that’s worrying. Cybersecurity experts are advising victims not to pay the ransom as it encourages cybercriminals to be bolder.
But when comparing the high cost for system restoration and data retrieval, victims would rather just pay the criminals than suffer more. This was the case with the Baltimore attack in May 2019.
Baltimore Robinhood Ransomware Attack (2019)
On May 7, 2019, Baltimore city was infected by the Robinhood ransomware that took control of the majority of the city’s online services. Government employees were unable to use their PCs and could use their email system. The cybercriminals demanded 13 bitcoins (or around $120,000) for the release of the city’s servers and PCs.
The attack forced the city government to revert to manual processing of government services while investigators investigated the matter. This caused heavy damage to the city’s real estate sales and real estate tax payments. The department of public works and city health department were also heavily damaged by the attack.
For the rest of May until early June, the Baltimore city government was able to restore one-third of the city’s computer system following the cyberattack. The attack cost the government over 18 million dollars.
Other Significant Ransomware Attacks in 2019
The Baltimore attack is just one of the many critical ransomware attacks in 2019. Other states and organizations also fell victim to other variants of ransomware:
- Lake City, Florida
Lake City in Florida was hit by a ransomware known as “Ryuk” on June 26, 2019. The attackers seized the city’s phone lines, online services, and email system. The attackers demanded 42 Bitcoin ($460,000) to have the system unlocked.
The government agreed to pay the ransom.
- Eurofins Scientific
Eurofins Scientific, a leading forensics service company in the UK, was also hit by the “Ryuk” strain in June 2019. The company offers its services to the majority of criminal investigations in the UK and handles computer forensics, firearm and DNA testing for many criminal cases in the UK.
It is unclear how much the attackers demanded from the company, but it is reported that the company paid the ransom.
- Jackson County, Georgia
In March 2019, Jackson County in Georgia fell victim to a ransomware attack that took down the county’s computer system. The county paid the hackers $400,000 for the decryption software after a week.
According to reports, the FBI noted that the group that organized the attack on Jackson county were from eastern Europe.
- Riviera Beach, Fl.
Riviera beach is one of the cities in Florida that was hit by ransomware this year. The attack spanned nearly a month.
The attack began on May 29 when the local police department opened an infected email containing the ransomware. The City’s 911 dispatch, email system, and phone service were the first to go down from the attack.
On June 4 the city spent at least $900,000 for new computer hardware. On June 17, the city council voted to pay 65 bitcoins ($600,000) to the hackers. A portion of the ransom was covered by insurance.
- Augusta, Maine
On April 18, Augusta city in Maine was the target of a malware that took the city by surprise. Reports say that the malware was discovered in 12 computers and 10 servers. The city government was demanded to pay around $100,000.
The government declined to pay the ransom and was able to rebuild the system using backup files. No sensitive data was stolen from the attack and the city’s network system was starting to recover the following day after the attack.
- Norsk Hydro
Norsk Hydro, one of the biggest global aluminum producers, was hit by ransomware in March that stopped their automated operations. The company has over 35,000 employees in 40 countries.
Some of their factories were forced to stop operations because of the attack. But other functions were still operational. Norsk Hydro didn’t pay the ransom demand but instead operated manually until the issue was resolved. They also had backups of the encrypted files to work with.
After the WannaCry attack in 2017, ransomware has shown its devastating results. Government agencies, businesses, and even normal users need to heavily prepare and protect themselves from being attacked.