Ransomware Attacks Across 99 Countries Highlight the Need for Security Awareness
This is a guest post from Dr. Chris Pierson, Chief Security Officer at Viewpost.
Across 2016 and 2017, we have seen an increase in malware attacks that encrypt user data on the infected computer and on attached storage shares, releasing the files only in exchange for a ransom, traditionally paid in Bitcoin. More recently, these attacks have escalated to systems that are specifically targeted and more critical in nature.
It seems that in 2017 cybercriminals have found that targeting computers that hold critical data and/or data that is not backed up as frequently increases the certainty that the ransom will be paid.
As shown by the attack on National Health Service (NHS) customers in England today and in 98 other countries thus far, the healthcare and financial sectors are frequent targets for attacks. While not distinguishing among victims, the WanaCrypt0r malware has impacted healthcare and other sectors across Europe. Healthcare computers are usually always on and less frequently patched due to their role in the healthcare process, and hospitals and clinics often lag behind on cybersecurity controls.
Similar ransomware incidents have hit the U.S. in the past and targeted the healthcare vertical. Ransomware attacks in 2016 grew to nearly 4,000 each day. The current WanaCrypt0r ransomware attack seeks $300 worth of Bitcoin from its victims.
Obviously, robust cybersecurity controls such as anti-malware (A-V), up-to-date patching, and recent backups are all good, but they're not enough. Organizations should have in place behavior-based technologies that can detect the initiation of encryption activity across multiple computers, as well as specific anti-ransomware technologies that ensure swift isolation of affected computers.
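As an added illustration (not part of the original post), the sketch below shows one form the behavior-based detection described above can take: flag a host when it rewrites many files with near-random content in a short window, and raise a fleet-wide alert when several hosts do so. The log format, the hypothetical file-audit agent that reports per-write entropy, the host names and all thresholds are assumptions.

```python
from collections import defaultdict, deque

# Assumed tuning values; real deployments tune these against baseline activity.
WINDOW_SECONDS = 60    # sliding window per host
HOST_THRESHOLD = 5     # high-entropy writes in the window that trip a host
FLEET_THRESHOLD = 2    # tripped hosts that indicate spread across computers
ENTROPY_CUTOFF = 7.5   # bits per byte; encrypted output is close to 8.0

# Constructed sample events: "epoch host action path entropy" (paths have no spaces).
SAMPLE = (
    [f"{1000 + 2 * i} ws01 write /home/a/doc{i}.docx 7.96" for i in range(6)]
    + [f"{1005 + 3 * i} ws02 write /srv/share/img{i}.jpg 7.91" for i in range(5)]
    + [f"{1000 + 120 * i} ws03 write /backup/arch{i}.zip 7.99" for i in range(6)]
    + [f"{1000 + i} ws04 write /var/log/app{i}.log 4.20" for i in range(20)]
)

def parse_event(line):
    """Parse one event line from the hypothetical file-audit agent."""
    ts, host, action, path, entropy = line.split()
    return int(ts), host, action, path, float(entropy)

def detect(lines):
    """Return (hosts_to_isolate, fleet_alert); events must be time-ordered per host."""
    recent = defaultdict(deque)  # host -> timestamps of recent high-entropy writes
    tripped = set()              # hosts that crossed HOST_THRESHOLD
    for ts, host, action, _path, entropy in map(parse_event, lines):
        if action != "write" or entropy < ENTROPY_CUTOFF:
            continue             # ordinary writes (logs, text) are ignored
        q = recent[host]
        q.append(ts)
        while q and ts - q[0] > WINDOW_SECONDS:
            q.popleft()          # drop writes that fell out of the window
        if len(q) >= HOST_THRESHOLD:
            tripped.add(host)
    return sorted(tripped), len(tripped) >= FLEET_THRESHOLD

if __name__ == "__main__":
    print(detect(SAMPLE))
```

The slow backup job on ws03 writes high-entropy archives but never reaches the per-window threshold, which is why the rate of rewrites matters as much as the entropy of the data.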