Beyond the figures: Exploring the hidden costs of ransomware

[harlan4096]

In the past, we’ve talked extensively about the impact of ransomware on both the U.S. and a global scale. But what these reports fail to capture is the effect of ransomware in minutiae; how it has forced small businesses to shut down, allowed criminals to escape and prevented patients from accessing drugs and health care.

In today’s post, we’re going to go beyond the financial figures and explore 10 ways ransomware has impacted the day-to-day lives of small businesses, employees, students and hospital patients around the world.

1. Police lose evidence, alleged criminals walk free

Ransomware attacks on police departments have severely impacted 911 services. Police stations have been forced to use inefficient pen and paper systems, evidence has been lost and suspected criminals have been allowed to walk free.

• Florida’s Stuart Police Department was hit with Ryuk in April 2019. The attack resulted in the loss of 18 months’ worth of digital evidence, forcing the department to drop 11 cases against six suspected drug dealers. The dropped cases included charges for possession of meth, possession of cocaine, selling narcotics, manufacturing narcotics, delivering narcotics and more.
  
• In December 2016, suspected Ukraine-based attackers held the Cockrell Hill Police Department’s server to ransom using a strain of ransomware known as Osiris. The department refused to pay the $4,000 ransom, which led to the loss of eight years worth of video evidence.
  
• The New Orleans Police Department was plunged back into the pre-Internet era after suffering a ransomware attack in December 2019, impacting its ability to access information and coordinate reports. It took police weeks longer than necessary to catch an accused serial flasher as they were unable to readily access electronic files across districts.
  

2. Disrupted digital HVAC leads to mold growth at Ohio schools

More than 1,200 schools in the U.S. were affected by ransomware in 2019, as noted in our report, The State of Ransomware in the US: Report and Statistics 2019. Often the effects were predictable – grades were lost, the staff was unable to access data about students’ medications or allergies, schools were temporarily closed down – but sometimes an attack had unexpected consequences.
 
In May 2019, the Coventry Local School District was hit with Trickbot, which brought down the phone systems and forced some schools to shut down for a day. The attack also affected some schools’ Internet-connected HVAC units, resulting in a loss of temperature control, which led to potentially harmful mold growing inside the affected schools.

3. Real estate transactions halted in Baltimore

In May 2019, Baltimore city was infected with RobbinHood. In addition to disrupting almost every government department, the attack also had a profound impact on the real estate market.

Essential systems required for real estate deals were brought offline, halting property transactions during what is typically one of the busiest months for Baltimore’s property market. Property transactions could not be completed as title insurance companies were unable to check the status of property lies or verify taxes owed or water bills, and were therefore unable to issue title insurance to homebuyers. It took two weeks for the government and real estate officials to develop a manual workaround.

4. Hospitals forced to turn away new patients, surgeries delayed

While ransomware attacks are usually financially motivated, for victims there’s often more than just money at stake.

This is particularly true in the healthcare sector. Ransomware groups have frequently targeted healthcare organizations as the threat of life-endangering downtime puts significant pressure on victims to pay the ransom. Attacks have delayed surgeries, forced hospitals to turn away new patients, caused the loss of patient data and even forced some healthcare providers to close their businesses permanently.

• In October 2019, a ransomware attack severely disrupted operations at three hospitals belonging to the Alabama hospital group DCH Health Systems. The hospitals were forced to stop admitting all incoming non-critical patients and ambulances were instructed to take patients to other hospitals when possible.
  
• Also in October 2019, seven hospitals in Australia were hit by ransomware. The attack disrupted outpatient appointments, delayed elective surgeries and forced the hospitals to shut down some patient record, booking and management systems.
  

...

Continue Reading