Ransomware authors are pivoting their attacks from individuals to government entities and health care institutions, causing a threat to public safety. Traditionally, crypto ransomware targeted individuals and encrypted their personal data and files as a form of extortion for hundreds of dollars. Ransomware has evolved to target businesses and government agencies for much larger financial gains.
There are countless news stories of hospitals and other institutions being shut down by ransomware. We have been seeing an increase in attacks on government entities, including counties and police departments. Lives are at stake when a hospital gets locked down by a ransomware attack and when police cannot respond to emergency situations.
A small Ohio town experienced a ransomware attack earlier this year that shut down county government offices and 911 dispatch. This slowed their emergency response but luckily they were still able to respond to emergency 911 calls.
The financial costs to these organizations are also a concern and they’ve been steadily increasing as crypto ransomware continues to evolve.
The FBI estimated that cybercriminals would collect over $1 billion in ransoms during 2016.
In reality, the actual losses suffered by organizations are much higher due to the disruption of productivity and when government entities and police departments are increasingly being targeted, public safety becomes an issue.
An issue of public safety
Ransomware attacks targeting hospitals are increasing, crippling critical infrastructure and exposing or hindering Electronic Health Records (EHR). When these records are impacted, it causes patient care to be hindered or halted. As more organizations implement connected medical devices and allow employees to bring their own devices to work, access points for unauthorized users are left open.
A 2016 study by Peak 10 found that only 47% of current healthcare organizations have implemented advanced malware protection and only 57% have implemented an encrypted network.
Earlier this year, an attack on police CCTV cameras in Washington D.C. crippled the city’s surveillance system and forced major citywide reinstallation. Although this attack was an extortion effort, it makes you wonder how similar attacks will be used to cripple government emergency response and how cyberattack methods are evolving.
Once ransomware hits a police department’s system, the damage can be catastrophic if mitigation methods aren’t in place. Attacks cripple dispatch systems and patrol car computers, slow police response time, expose records, and create an unsafe environment for officers in inmate holding areas.
What the government is doing about it
Ransomware and other cyberattacks on government operations are a real issue of public safety and steps need to be taken to improve response time to such attacks. The FBI recommends taking prevention and continuity measures to lessen the risk from ransomware attacks.
- Back up your data locally or in the cloud
- Secure backups and keep them on scheduled updates
- Do not open attachments in unsolicited emails
- Keep your operating system, software, and firmware up-to-date
- Ensure antivirus and antimalware solutions are set to automatically scan and update
- Report internet crimes to the Internet Crime Complaint Center (IC3)
Ransomware presents a real, imminent threat to the public and to our government. Share this article to help spread ransomware awareness in your community.