Part one of a three-part series.
Why are the world’s top law enforcement organizations labeling ransomware as “one of the most serious” and “most damaging” cybercrimes? And perhaps the most dangerous?
“What we find most concerning is that it causes not just direct costs, but also indirect costs of lost operations. We certainly view it as one of the most serious cybercriminal problems we face right now.” – Herbert Stapleton, cybersecurity chief at the FBI, in a recent NY Times article.
Ransomware is the “most widespread and financially damaging form of cyberattack.”
– Fernando Ruiz, acting head of Europol’s European Cybercrime Center in a recent NY Times article.
Cybercrime, until as recently as 2018, was about the theft of credit card credentials, financial data, and healthcare information. And while malicious acts such as the Target breach in December of 2013 and the Equifax incident in September of 2017 received widespread attention and condemnation, they were actually little more than an inconvenience to both the targeted organizations and their customers. Nobody was physically injured, no one died, and no businesses failed.
Ransomware heralded a seismic shift in cybercrime, causing critical business functions to come to a halt and leading, in some cases, to complete business failure. It jeopardizes the health and safety of hospital patients. Every business, university, and healthcare organization is a target that cybercriminals can easily exploit for financial gain. Most concerning is that both the number of attacks and the size of the ransoms demanded continue to increase rapidly. A new study published by Coveware found that the average ransom payment more than doubled in Q4 of 2019, and recent ransom payments demanded from large enterprises have reached as high as $6,000,000. Ransomware actors have also escalated their tactics by stealing data from their targets before encrypting files and threatening to publish or sell that data if the ransom isn’t paid. Ransomware attacks on healthcare organizations have been tied to an increase in fatal heart attacks, according to a Vanderbilt University study released in 2019 and highlighted by Brian Krebs in an article published on “Krebs on Security” in November.
Small and mid-sized businesses are especially hard hit by ransomware. The ransom and the recovery efforts cost businesses an average of $200,000, according to insurance carrier Hiscox. That cost will increase as ransom demands continue to rise. And some studies suggest that as many as 60% of small businesses fail within six months of experiencing an incident. Recent victims include Colorado Timberline, a Denver printing supply firm; The Heritage Company, an Arkansas-based telemarketing company; and Brookside ENT and Hearing Services in Battle Creek, Michigan. Don’t let your business become the next victim.
How do hackers gain access to and encrypt your files for ransom? We will dig into that in Part Two, “Anatomy of a Ransomware Attack”, coming soon.