Global Surges in Ransomware Attacks

06.09.2021 | Aktuelle Meldungen ITSC, Aktuelle Meldungen SISD
In the beginning of this year hospitals have been successfully attacked by cybercriminals, infecting the hospitals’ systems with ransomware. The worst case happened last year in a German hospital, where a patient died, due to the consequences of a ransomware attack. This incident is the first known case of a death due to an attack of this kind [5].

What is Ransomware

Ransomware is a kind of malicious software that is designed to prevent a user from accessing their data. The system is encrypted until a ransom is paid. In most cases this type of malware is spread through phishing e-mails. Other attack vectors include USB-Sticks, malicious websites, or malware.

Previous attacks

One of the most famous examples of ransomware was WannaCry.
The WannaCry attack took place in May 2017, where the malware infected primarily Microsoft Windows systems. In total over 230,000 systems were hit by this attack [1]. It is estimated that the financial damage of this ransomware sums up to around $4 billion.
Some other severe examples are [4]:

  • Ryuk Ransomware, 2019/20, (est. damage $7.5 billion )
  • CryptoLocker, 2013/14, (est. damage $3 million)
  • SamSam, 2015/18, (est. damage $30 million)

Consequences?

The damage caused by ransomware attacks can vary, depending on which kind of organisation issued the attack. The most prevalent consequence is the possible loss of data if the ransom isn’t paid. Attackers might also steal private, sensitive information and pictures to blackmail the users. However, even if the ransom is paid, the user isn't protected against future attacks. It can also damage their reputation or the reputation of the companies they work for, e.g., if the corporate account or business details get leaked through the attack.

Prevention of future attacks (protection)

Ransomware not only targets businesses. Also, you as a private user can be infected with ransomware. This is how you can protect yourself:

  • Don't click on suspicious links
  • Keep your entire system up to date
  • Don't plug unknown USB drives into your computer
  • Back-up your system regularly
  • Be aware of existing threats
  • Use an antivirus software
  • Use a VPN in public networks

Conclusion

The death of a patient in a hospital is only one possible – but surely an extreme – consequence of as ransomware attack. Nevertheless, this example shows the destructive consequences that a weak cyber security can result in.

About the authors

Business Computer Science and Computer Science students interested in Cyber-Security that want to inform the public about current cyber threats.

 

Sources:

[1] https://www.kaspersky.com/resource-center/threats/ransomware-wannacry
[2] https://www.crowdstrike.com/blog/big-game-hunting-with-ryuk-another-lucrative-targeted-ransomware/
[3] https://resources.infosecinstitute.com/topic/ragnar-locker-malware-what-it-is-how-it-works-and-how-to-prevent-it-malware-spotlight/
[4] https://gatefy.com/blog/real-and-famous-cases-ransomware-attacks/
[5] https://www.technologyreview.com/2020/09/18/1008582/a-patient-has-died-after-ransomware-hackers-hit-a-german-hospital/