Cybercriminals continue to leverage ransomware to breach systems and exploit organizations. It’s never a good time for a company to suffer a cybersecurity breach and have their systems and data held hostage until a ransom is paid, but to fall victim at a time so many businesses are struggling financially could be catastrophic. For healthcare providers managing COVID-19 patients, downtime due to ransomware could impact patient care and prove to be deadly.
According to a study by Datrium, a computer security services provider, ransomware attacks are up since the COVID-19 crisis began in America. Their survey of 300 IT professionals revealed that almost 70 percent experienced ransomware attacks since the stay-at-home period began. If anything, cybercriminals are taking advantage of people and organizations when they are most vulnerable, preying on their fears and anxiety, as well as exploiting vulnerabilities that come from working at home on potentially unsecured networks using devices without adequate cybersecurity protection.
Like any virus, ransomware has evolved since the pandemic began—hackers have changed their tactics to maximize their malware’s effectiveness. For starters, they’re using emailed COVID-19 themed ‘lures’ to phish for victims. These emails use content about things like vaccines, antibodies, collaboration solutions, and supplies such as masks and hand sanitizer to get the recipient to click on a link or open a file and spring the trap. They’re also designing their malware to launch immediately once inside a network, rather than waiting and biding their time before deploying the ransomware. Perhaps most nefarious of all, cybercriminals are increasing the amounts of their demanded ransoms, knowing their victims are more desperate than ever and don’t have time to negotiate.