About the author David Higgins is CyberArk's Technical Director for EMEA. Since early May, Baltimore has been in the grip of a major ransomware attack that has taken many of the city's computer systems hostage. The attack "shut down" thousands of government computers, causing interruptions in water bill payments as well as delays in real estate sales. The hackers behind this request have asked for 13 bitcoins, worth approximately €100,000, to restore these critical computer systems. Baltimore City Mayor Jack Young has publicly said that the city will not pay the ransom demand. However, despite the fact that the FBI, secret services and many cybersecurity experts are working hard to get things back, new reports indicate that the attack will cost the city more than €18 million. A few weeks ago, a Krebs security article quoted a source who had stated that it is "not very likely" that the Eternal Blue exploit was used to spread Robbinhood ransomware, refuting the reports. Previously, that linked the Baltimore ransomware attack to the hacking tool developed by the US National Security Agency (NSA) and leaked online a few years ago.
Local governments and state departments must prepare for a rise in ransomware
According to the latest Verizon DBIR report, ransomware accounts for nearly 24 percent of all malware attacks across all industries. At the same time, a Beazley group report on security breaches published in 2019 points to a phenomenal 105% increase in the number of ransomware notifications between the first quarter of 2018 and the same period this year. Payment requests are also increasing. Beazley's report indicates that the average payment in the first quarter of 2019 (€224,871) has already far exceeded the total of €116,324 for 2018. As the Baltimore attack has shown, state and local governments appear to be particularly vulnerable to ransomware. . The cybersecurity research company Recorded Future has recently published an interesting study on the increase in ransomware attacks by state and local governments targeting critical processes and infrastructure. It revealed that reported attacks against state and local governments increased by 39% in the United States in 2018, and that many of these attacks were opportunistic: In most cases, attackers "stumbled upon" public sector entities seeking vulnerable targets. Although this is a worrying trend across the basin, the UK is not doing much better. The latest cyber security breach survey released by the UK government showed that 27% of businesses and 18% of charities that fell victim to an attack last year were hit by ransomware, which in fact, a significant threat. And while other attack techniques, such as phishing, are becoming more popular with hackers, the damage that ransomware can inflict on organizations is even more significant. In fact, 58% of businesses and charities are more likely to report negative results from ransomware software than any other type of attack.Image Credit: Shutterstock (Image Credit: Shutterstock)
How can we combat the threat of ransomware?
While there is no one-size-fits-all approach to ransomware prevention, government agencies and businesses can take steps to reduce the risk of malware (such as Robbinhood) spreading and paralyzing their systems.- Backup all critical data
- Never stop patching
- Beware of phishing
- Remove local administrator privileges to contain and block attacks