Three major ransomware attacks dominated the headlines in 2017, but there were also dozens of smaller incidents that paralyzed organizations and businesses throughout the year. Because many cyber attacks go unreported, we can only guess at the full extent of the problem. However, the large number of attacks that were made public show that ransomware persists as a major threat to any device that connects to the internet.
Medical centers, school districts, and city governments dominate the list of victims, but that doesn’t mean that businesses have been spared. Non-profits and government organizations show up at a disproportionate rate simply because they must report data breaches and explain loss of services. Many affected businesses don’t report attacks to avoid embarrassment, but they feel the effects just as much, if not more.
Here’s a recap of two ransomware attacks from 2017 followed by a list of victims with links to their stories.
KQED San Francisco: From Teachers to Victims
One of the most notable victims of ransomware this year was San Francisco’s KQED, which operates public television and radio stations. The station went from publishing articles on how to avoid ransomware to a victim in a matter of days. The attack created an enormous amount of stress as it forced employees to find complicated workarounds for tasks that were previously easy to complete.
Admirably, the NPR member station has shared its story as a cautionary tale to other organizations. The big takeaway is that backing up files is crucial to recovering from an attack. Luckily, KQED stored much of its donor and member information in the cloud, where it was safe from the encryption that scrambled other files.
Mecklenburg County, North Carolina: A Month of Business the Old-Fashioned Way
Another typical ransomware attack from 2017 occurred in Mecklenburg County, North Carolina. Hackers demanded $23,000 to restore files from departments spanning finance, parks and recreation, social services, deeds registration, the assessor’s office, and more.
The malware was hidden in a phishing email, which an employee mistakenly clicked on. The county refused to pay the ransom and resorted to using paper instead of electronic forms. It has now been over a month since the attack on Dec. 4th., and most, but not all, of the county’s services have been restored.
List of U.S. Organizations Affected by Ransomware in 2017
Below is a list of 30 organizations that suffered crippling ransomware attacks last year. The ransoms ranged from as little as $500 to as high as $120,000. Most organizations ignored the ransom demands, but still paid a price in lost time and cumbersome workarounds.
- Arkansas Oral & Facial Surgery Center Undisclosed amount
- Brownsburg Public Library (Indiana) Undisclosed amount
- Calallen Independent School District (Texas) $500 (unpaid)
- Caro Community Hospital (Michigan) $120,000 (unpaid)
- Cleveland Medical Associates (Tennessee) Undisclosed amount
- Cockrell Hill Police Department (Texas) $4,000 (unpaid)
- Colorado Center for Reproductive Medicine (Minnesota) Undisclosed amount
- Dorchester School District (South Carolina) $2,900 (paid)
- ECMC Hospital (New York) Undisclosed amount
- Englewood, Colorado Undisclosed amount
- Georgia Agriculture Department Undisclosed amount
- Hackensack Sleep and Pulmonary Center (New Jersey) Undisclosed amount
- Heritage Valley Health System (Pennsylvania) Undisclosed amount
- KQED (California) $2,500 per computer or $27,000 for all (unpaid)
- Licking County, Ohio Undisclosed amount
- Los Angeles Community College $28,000 (paid)
- Marion County Fairgrounds (Indiana) Undisclosed amount
- Mecklenburg County, North Carolina $23,000 (unpaid)
- Mountain Home Water Department (Arkansas) Undisclosed amount
- Newark, New Jersey $30,000
- Pacific Alliance Medical Center (California) Undisclosed amount
- Pennsylvania State Senate Democrats Undisclosed amount
- Proctor School District (Minnesota) $6,000 (unpaid)
- Roxana Police Department (Illinois) Undisclosed amount
- Sacramento Regional Transit (California) $8,000 (unpaid)
- Spring Hill, Tennessee $250,000 (unpaid)
- St. Louis Public Library (Missouri) $34,020 (unpaid)
- St. Mark’s Surgical Center (Florida) Undisclosed amount
- Urology Austin (Texas) Undisclosed amount
- Washington, D.C. CCTV System Undisclosed amount
All of these stories demonstrate how frustrating and time-consuming a ransomware attack can be. Those who had good backups were able to recover quicker than those that did not, but restoring affected systems was still a lengthy process. The list serves as a humbling reminder that organizations large and small are vulnerable to cyber attacks and that precautions should be taken.