View All R&D Articles

Schools, Non-Profits, Local Governments, and Medical Centers Hit by Ransomware in 2017

January 10, 2018

ransomware victims organizations 2017 logos

Three major ransomware attacks dominated the headlines in 2017, but there were also dozens of smaller incidents that paralyzed organizations and businesses throughout the year. Because many cyber attacks go unreported, we can only guess at the full extent of the problem. However, the large number of attacks that were made public show that ransomware persists as a major threat to any device that connects to the internet.

Medical centers, school districts, and city governments dominate the list of victims, but that doesn’t mean that businesses have been spared. Non-profits and government organizations show up at a disproportionate rate simply because they must report data breaches and explain loss of services. Many affected businesses don’t report attacks to avoid embarrassment, but they feel the effects just as much, if not more.

Here’s a recap of two ransomware attacks from 2017 followed by a list of victims with links to their stories.

KQED San Francisco: From Teachers to Victims

One of the most notable victims of ransomware this year was San Francisco’s KQED, which operates public television and radio stations. The station went from publishing articles on how to avoid ransomware to a victim in a matter of days. The attack created an enormous amount of stress as it forced employees to find complicated workarounds for tasks that were previously easy to complete.

Admirably, the NPR member station has shared its story as a cautionary tale to other organizations. The big takeaway is that backing up files is crucial to recovering from an attack. Luckily, KQED stored much of its donor and member information in the cloud, where it was safe from the encryption that scrambled other files.

Mecklenburg County, North Carolina: A Month of Business the Old-Fashioned Way

Another typical ransomware attack from 2017 occurred in Mecklenburg County, North Carolina. Hackers demanded $23,000 to restore files from departments spanning finance, parks and recreation, social services, deeds registration, the assessor’s office, and more.

The malware was hidden in a phishing email, which an employee mistakenly clicked on. The county refused to pay the ransom and resorted to using paper instead of electronic forms. It has now been over a month since the attack on Dec. 4th., and most, but not all, of the county’s services have been restored.

List of U.S. Organizations Affected by Ransomware in 2017

Below is a list of 30 organizations that suffered crippling ransomware attacks last year. The ransoms ranged from as little as $500 to as high as $120,000. Most organizations ignored the ransom demands, but still paid a price in lost time and cumbersome workarounds.

All of these stories demonstrate how frustrating and time-consuming a ransomware attack can be. Those who had good backups were able to recover quicker than those that did not, but restoring affected systems was still a lengthy process. The list serves as a humbling reminder that organizations large and small are vulnerable to cyber attacks and that precautions should be taken.