2019 Ransomware Recap—Inside the Biggest Attacks

Ransomware took an unfortunate big leap forward in 2019. A SonicWall report  lists a total of 151.9 million ransomware attacks through Q3 last year. That’s a staggering number, but the interesting thing is that it’s a five percent year-over-year decrease. To some degree, cybercriminals are shifting focus. Rather than going after small ransoms on thousands of endpoints, they’re conducting highly targeted attacks that demand bigger ransoms from large organizations. For the first time, we saw headlines describing attacks on state and municipal governments. According to a report by security solutions provider Emsisoft, ransomware impacted 113 state and local governments along with 89 universities and 764 healthcare providers. Cybercriminals know that more valuable data can command a higher ransom, and they’re getting smarter about who they attack. To illustrate our point, let’s look inside some of the top four ransomware attacks of 2019 and what you can learn from them.

Demant Ransomware Attack

A September 2019 attack on Danish hearing aid business Demant cost $95 million. Interestingly, Demant wasn’t financially impacted because of lost data. Their losses came from their inability to access systems. With no way to receive and fulfill orders, their bottom line took a massive hit. Downtime strikes again.

Baltimore City Attack

In May 2019, attackers hit Baltimore city with a strain of ransomware known as Robinhood. It disrupted systems for email, voicemail, property taxes, water bills, and much more. Hackers demanded a $76,000 ransom, which the city refused to pay. Instead, they paid an estimated $18 million to restore the systems. Ouch.

New Orleans City Attack

On December 14, 2019, New Orleans declared a state of emergency following a ransomware attack. Mayor LaToya Cantrell said she expected the cost of the attack to exceed their $3 million cybersecurity insurance policy.

Texas City Attacks

On August 20, 22 Texas municipalities had been infiltrated by hackers demanding a collective ransom of $2.5 million. The ransomware locked down systems for critical files like birth and death certificates, municipal billing, and more. According to NPR, the attackers got in through the city’s third-party IT provider.

What You Can Learn From 2019

These events teach a few lessons that many IT admins miss while they’re planning for ransomware.

• Backups aren’t enough: It’s not just about having backups. Downtime is just as crippling as data loss. How will you recover?
• Users need more training: Ransomware attacks often come through spoofed emails. Will your users know them when they see them?
• Vendors can be vulnerable: Are the people you depend on taking the proper measures? As an IT provider, are you sure you’re not the weak link?
• You might be a big target: Hackers are focusing on bigger organizations with more sensitive data. Are you ready?

Final Thoughts

The ransomware problem isn’t going away. It’s up to you to have a thorough and tested disaster recovery plan. It should cover not only how data is backed up, but also how you’ll recover if ransomware brings multiple systems down. Are you looking for a solution that focuses on fast, flexible recovery on top of solid backup? Consider how StorageCraft’s disaster recovery solutions can help you save clients from downtime.