Ransomware: Public sector — pay attention or pay up
Over the past few years, public sector organisations have matured massively in their use of IT, enabling them to keep up with private sector counterparts and even lead the industry in some cases. Both sectors are undoubtedly benefiting from technologies such as public cloud, data-driven analytics, mobile communication and collaboration, and stronger encryption and data security.
Both sectors are also plagued by the same threats, such as the emerging threat of ransomware. Ransomware works by encrypting information and then demanding money to decrypt it. Consequently, it’s a direct wealth transfer mechanism from victim to criminal — making it a true modern-day evil.
The big problem for public- and third-sector organisations is: poorly-secured public sector systems are overflowing with valuable or sensitive data, making them attractively soft targets for criminals. So, pay attention or pay up!
Everyone’s at risk
This February, a Freedom of Information request revealed that nearly all NHS Trusts have suffered ransomware attacks, with one Trust being hit 19 times in 12 months. None of the organisations reports paying a ransom or informing law enforcers. Instead, they chose to deal with the problem internally, possibly highlighting how disastrous this kind of attack could be for your reputation.
But it’s not just healthcare providers that are at risk. 60% of universities have also suffered these types of targeted robbery attempts it emerged last year. The value of ransoms demanded to decrypt the data ranged between £77 and £2,299.
And, recently in the US, a county in Indiana spent an eye-watering $20,000 to unlock systems after a ransomware attack. Law enforcers aren’t spared either: Washington DC’s police department was forced to take infected devices offline and wipe them because of a ransomware assault.
Here are some worrying ransomware trends I found, to help paint the bigger picture. More than 4,000 ransomware attacks have occurred each day since the beginning of 2016, a 300% increase over 2015. And between January and September last year, ransomware attacks on businesses grew from once every two minutes to once every 40 seconds.
Security experts have found that phishing emails are the main attack vector, with almost 100% of phishing emails involving ransomware these days. It’s hard to believe, but for cybercriminals, business is business and this is a very lucrative way of making money.
An evolving threat
And the threat’s still evolving, with nasties like ransomware-as-a-service on the horizon. As a public sector IT professional, handling large volumes of sensitive, citizen data, it’s easy to feel overwhelmed and under-prepared — or “outgunned” as someone put it.
But the good news is that most of these threats — old and new — can be blocked with well-implemented protocols, good cloud hygiene and careful email and web usage. For example, dialysis machines or pacemakers are increasingly being connected to the hospital network via Internet of Things technology. But by using end-to-end encryption on your IoT equipment, which is often neglected, you can help foil cyber attacks.
Another way is to secure the content itself which is being targeted by ransomware. With a secure, shared-working platform like Box, even highly confidential information can be safely stored. It uses encryption for data both at rest and in transit, and centralised controls to add granular security and manage and restrict access to information. With Box you can also protect lost or stolen mobile devices through remote logout and data deletion.
For more information on how you can use Box to secure your data, and help you to combat ransomware attacks, click here.
