Image courtesy of reviewedbypro.com
As predicted, 2018 has been an extremely good year for cybercriminals. It seems like we hear about a massive data breach or ransomware attack on a weekly, if not daily basis. As we are at the halfway point of 2018, we have highlighted the biggest data breaches and ransomware attacks thus far. Additionally, we will take a look at what the rest of 2018 holds in store for the cybersecurity world.
City Governments Becoming Ransomware Victims
The most notable city that was hit by a ransomware attack in the first half of 2018 is, of course, Atlanta. In late March, a ransomware attack hit the IT system of Atlanta’s municipal government. This attack led to the shutdown of multiple internal and external applications, including apps that people use to pay bills and access court-related information. Recent hearings revealed that the city has assigned an extra 9.5 million dollars to finance its recovery efforts. The ransomware, which was identified as the SamSam strain, also caused issues to the city’s emergency-response services.
Other notable attacks on city governments include Sarasota, Florida; Englewood, Colorado; Hinesville, Georgia; Farmington, New Mexico, and Leeds, Alabama.
When a ransomware attack hits a city, several consequences are incurred that could be extremely dangerous for the well-being of the city and its citizens. Read our article here to find out more.
GandCrab Ransomware
GandCrab ransomware first appeared in late January and carried some characteristics that had never been seen before. Most notably, GandCrab became the first ransomware variant to accept the DASH currency as a ransom payment. Up until now, most ransomware families only accepted Bitcoin. The change to DASH is most likely due to the currency being built around privacy; making it harder for law enforcement to track individuals who hold the currency. At the time GandCrab made its appearance, ransom was set at 1.54 DASH or approximately $1,170 USD.
Since the release of GandCrab Version 1, a decryptor became available; allowing individuals affected by the ransomware to recover their encrypted files without paying the ransom. However, in early March, GandCrab came out with Version 2. In the matter of a month, the ransomware infected over 50,000 users across Europe.
To read more about GandCrab and to learn how to prevent infections from the ransomware, click here.
Healthcare Cybersecurity – Or Lack Thereof
In January, the healthcare industry saw several organizations fall victim to SamSam ransomware. Yes, the same variant that infected the city of Atlanta. What makes SamSam so dangerous is the fact that it doesn’t need a phishing email campaign to compromise your network. As you can read about in our article on SamSam, targeted servers sit outside the network firewall in the demilitarized zone, making them easy targets of attack. Cybercriminals are targeting RDP and JBoss servers using brute force attacks to gain access to systems. The most notable attacks in 2018 were on Hancock Health in Greenfield, Indiana; Adams Health Network, and Allscripts.
Unfortunately, ransomware attacks aren’t the only cybersecurity worries for healthcare organizations. In the first quarter alone, records of 1.13 MILLION patients were exposed in 110 data breaches on healthcare organizations. The largest breach, which is believed to have been on the Oklahoma State University Center for Health Sciences, exposed personally identifiable information of over 279,000 patients. While this breach occurred in November of 2017, the public wasn’t notified until several months later; giving infected users little to no time to protect themselves.
In a study published by Protenus, data breaches are becoming harder to detect than ever. On average, a data breach takes 308 days to detect, up from 233 days in 2017. Furthermore, once a healthcare organization has been breached, the organization is 20 percent more likely to suffer another data breach within three months and 54 percent more likely in one year’s time. Given the fact that there were 5.6 million patient records compromised over 477 total breaches in 2017, it appears cyber threats against healthcare organizations are here stay.