US security vendor Stealthcare has warned that malware, already making significant inroads into healthcare, is beginning to turn its attention to other verticals. According to Jeremy Samide, CEO, Stealthcare: “Recent cyber attacks against hospitals in California and Kentucky, during which hackers encrypted their data with new strains of ransomware, are spreading to other industries.”
The other industries that Samide is talking about are law firms and financial institutions. Back in February, a Jacksonville, Florida law firm, Brown Firm, admitted it had been attacked with ransomware. While the company said no data had been compromised, it did admit that it was unable to access any records. In the end it paid the $2,500 in bitcoin demanded by the attacker.
The challenge for legal firms is that they increasingly scan everything that comes in the door. While the paper is still retained, it is often moved off-site very quickly to long-term storage. The effect of ransomware attacks, according to Samide, is that it has: “reduced them to pen and paper recordkeeping.”
Back in January, Security Week reported that a number of banks in India were hit by the LeChiffre ransomware. While it was not very effective (a decryption tool was quickly developed), it did cause problems for some banks. In February 2016, the US Federal Financial Institutions Examination Council (FFIEC) warned banks that it was aware of ransomware attacks against financial institutions. In one case the ransom demand was said to be $5,000, although it was not clear if this was per machine or per attack.
Samide believes that the problem for many companies is that they are too focused on responding to an attack. Instead, they should go on the offensive and implement proactive solutions, including the use of cyber intelligence products, to prevent attacks happening in the first place. Other such solutions are to implement two-factor authentication (2FA) and to encrypt everything to prevent it being stolen.
Samide is not the first to warn of ransomware looking for new targets. Attacks on law firms, banking, oil and gas, pharmaceuticals and education have all been reported in the last 12 months. At the moment, they are secondary to attacks on individuals and healthcare. That won’t last long, so warnings from Samide and others need to be heeded before paying ransomware authors just becomes another line on customers’ statements alongside other bank charges.