Wednesday, March 30, 2016

Ransomware Plague

Think of the most important institutions that store your data and would suffer the most if this data became compromised. You would probably think that these institutions would have the latest and greatest cyber security and be proactive in preventing attacks on their pivotal confidential data. However, places like hospitals, police stations, and fire departments often don’t have the best cybersecurity and have found themselves in the crosshairs of hackers. A type of cyberattack known as “Ransomware” has the unsuspecting operator download a file or open an attachment that then encrypts their entire hard drive and demands a payment in order to access their data again. The creation of the bitcoin in 2009, which allows users to be paid untraceable and anonymously has caused a resurgence of ransomware attacks, despite the software being around since the 1980s. In 2014, ransomware attacks rose 113% and are only expected to become more prevalent (Sneed). By asking people for a small sum of several hundred dollars within a fixed time or else all of their data will be erased, hackers have been rather successful as people don’t want to see all of their hard work, memories, music, important career information, etc. be erased in the blink of an eye. The hackers who utilize this technology have found a “sweet spot” of around $10,000 for businesses which is small enough that the attacks don’t receive national news or FBI intervention, but will amount to millions of dollars when many locations are attacked.
The reason these high profile institutions such as hospitals are attacked more heavily than a local business, is because the data is much more critical to these organizations and they are more willing to pay. For example, if a fire department has their computerized dispatch system compromised, they cannot dispatch personnel to emergency situations, having disastrous consequences. With more than 3.5 million records compromised in 2016 alone and about 4 breaches per week in the healthcare sector alone, Ransomware is becoming more lucrative to hackers and drawing more criminals to this endeavor (Akpan). With all of the data they house, institutions like hospitals simply can’t upgrade to the latest and greatest cyber security and are often left operating with outdated systems, leaving them vulnerable. The worst part of the whole scheme is that the money obtained in these Ransomware attacks is often funding criminal organizations “tied up in terrible things like human trafficking” (Sneed).

With society becoming increasingly dependent on technology, critical infrastructure such as power grids and dams could be susceptible to attacks. The integration of technology into infrastructure streamlines many processes and reduces inefficiency when you can computerize everything, however, it endangers the public if these systems are compromised from attacks. Looking to the future, the best thing organizations can do is follow better security practices and most importantly back up their data. The hacker’s attacks rely on the encrypted data they compromised being irreplaceable. However, if organizations had extensive backup systems in place such as on hard drives or cloud “warehouses” the compromised data could be replaced and operations could continue like normal.  


Akpan, Nsikan. "Hacking Health Care Records Reaches Epidemic Proportions." Scientific American. N.p., 29 Mar. 2016. Web. 30 Mar. 2016.

Sneed, Annie. "The Most Vulnerable Ransomware Targets Are the Institutions We Rely On Most." Scientific American. N.p., 23 Mar. 2016. Web. 30 Mar. 2016.


  1. I think that these kinds of cyber crimes will only continue to increase as the world becomes more dependent on technology. While there certainly are ways for large companies to avoid ransomware, such as having many backups for data, this will not solve the trend. If criminals can no longer convince companies to pay for the decryption of their data, they may simply steal data from corporations, and sell it to competitors for large sums, where they would certainly have a market. In order to combat this problem, I am sure that the cyber security industry will see a great deal of growth. In addition, individuals will need to become better educated in how to protect themselves from these types of viruses or other scams online, as these types of attacks will likely be more common on a household level as well.

  2. I think that ransomware is emerging as one of the biggest cyber threats today. Recently we were informed by technology services about ransomware and precautions that we can take after the news that a hospital nearby was attacked. I think it is interesting to compare the growth of ransomware with the emergence of Bitcoin like you stated in your blog. I wonder if there would be a way for Bitcoin to be of help with these attacks. I wonder if they could develop a way to find these attackers demanding money through Bitcoin and block their accounts to help limit the amount of attacks. Like you stated in the article, ransomware has been around since the 1980s and has only recently started to become a serious issue which could be a result of Bitcoin beginning to pick up some traction an allowing these attackers to acquire money from the people they are attacking virtually through the internet. Either way, I think that we need to take ransomware seriously and take the necessary precautions to ensure the security of our data.

  3. I believe that ransomware and all forms of security penetration are very interesting. Its amazing to consider that programmers must not only ensure that their programs work but also that nobody will try and break them on purpose. Security will never be perfect and people will try and profit off of this as long as there's a way to make money. I really do feel that a lot of the time its a vulnerability in a particular service that can even detriment other unrelated services. Say for instance that your servers relied on Amazon for security, if Amazon were ever attacked that would also leave your service vulnerable to attackers. In the case of ransomware I feel this to be particularly bothersome though because no information is being stolen. Usually it will only be for the money. I hate to say it but the only real way to protect yourself is to back up your data everyday. Its not going to stop the attacks from happening but surely it will save the hassle of trying to recover your data. Backups do not really take a long period of time and people should only be syncing important files, not any re-downladable programs.


Note: Only a member of this blog may post a comment.