2020’s Worst Ransomware Attacks and Why Backups Should Lead the Protection in 2021

Worst Ransomware Attacks and 2021 Prevention

Imagine what would happen if:

  • A patient headed for a hospital for trauma or emergency care was diverted to a hospital that possibly did not offer that kind of care.
  • An entire city government ‘s computers were shut down and the cybercriminals wanted $7 million to put them back on line.
  • Higher and lower educational institutions had their data files encrypted as well as the students’ own personal data and emails. None could be accessed.
  • A business hit with ransomware did not pay the ransom and the attacker released sensitive information and trade secrets on the Internet
  • A small business paid a ransom and found themselves in facing stiff fines because the payment went to a cybercriminal  in a country that is on the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) Specially Designated Nationals and Blocked Persons List (SDN List) which includes countries such as Cuba, Iran, North Korea, and Syria

These “what if” moments were actual results of some of 2020’s worst ransomware attacks; with small businesses, municipalities, schools and health care organizations among the hardest hit. 

We may not have read about these situations because they draw little news interest compared to some mega company like Microsoft being hacked. But, the fact is, these are the everyday victims of ransomware.

Ransomware Attacks Against Small Businesses

Almost half of small businesses have had a cyber attack and, of those, 60 percent have gone out of business within six months, according to National Security Alliance research reported by Inc.

Small businesses are vulnerable because the cyber criminals think of them as easy targets. One study undertaken in February 2020 revealed that 43 percent of small businesses do not have any defense plan to prevent cyber attacks. The owners don’t believe they will be targeted even though statistics prove that 18.5 percent of them have had a breach in the past year.

The impact of a cyber attack on small businesses can be especially devastating, according to the study. 

  • 25 percent of the businesses  in the study said they spent $10,000 or more to resolve the attack .
  • According to 50 percent of them, it took 24+ hours  to recover from the attack.
  • 25 percent of them also said they lost business due to the attack.
  • And 40 percent reported losing data.

Ransomware Attacks Against Cities (and Municipalities)

As if the COVID-19 pandemic and natural disasters weren’t enough, the city of New Orleans in early 2020  was the victim of a ransomware attack that disabled  4,000 of their computers. The ransom to get them up and running again was $7 million. 

The attack came at a time when the city was trying to deal with the work and safety complications of COVID-19. The criminals, however, didn’t win. The city did not pay the ransom and invested $4.5 million to get their computers and other technology equipment updated and running. Insurance covered $3 million of that, but it took six months to get back to a semblance of normalcy. The city  also increased its insurance coverage and, most importantly, developed a disaster plan for future incidents. 

Ransomware Attacks Against Education

American colleges also suffered ransomware attacks beginning in early 2020. The University of California San Francisco, paid $1.14 million to get a key to decrypt its data. The University of Utah paid almost a half a million dollars  to unlock its files and restore its phones and internet services. 

Now K-12 schools are being hit. The K-12  districts  of New York (Syracuse), Connecticut, Oklahoma, Nevada and New Mexico have all been attacked. Schools have become increasingly targeted because many of them are using older equipment, serviced by small IT teams with limited cybersecurity experience. 

2020 Ransomware Attacks Against Medical Facilities

In July of 2020, while COVID-19 was running rampant, a cyber security company discovered hospitals received cyber attacks while patients were on the way to the hospital. CNN reported the situation. The attack diverted patients en route to different medical facilities than what they needed.  Those patients didn’t get the critical care as quickly as they should have, though there were no reports of fatal consequences.

Patients in the hospitals were impacted too, as was staff. That’s because the technology used in diagnostics like bloodwork, MRIs, x-rays  and other patient care  services were also targeted in the attack.

In that one attack, six hospitals were so severely targeted and posed such a danger to patients that government agencies issued a red alert to all hospitals, medical staff and facilities. 

Even worse, the first death attributed to ransomware occurred in Germany in late 2020 when a patient was diverted from a hospital that had been hit with ransomware to another hospital and passed away as a result of the delay.

Ransomware Attack Statistics

According to the 2020 State of Ransomware Report by Sophos, a company that makes antivirus and encryption products used worldwide, most ransomware attacks succeed in encrypting data (73 percent). Of those attacked:

  • 94 percent get their data back
  • 26 percent recover their data by paying the ransom
  • 56 percent recover their data by restoring their backups
  • 12 percent recover their data through other means

They also reported that paying the ransom is twice as expensive as restoring the data from backups, not to mention there is no guarantee that you will be able to decrypt your data if you pay and there is the threat of OFAC fines. So it is worth the time and money to  invest in prevention and backups so that if you are attacked, you won’t even have to consider paying the ransom.

Start 2021 With a Disaster Recovery Plan to Prevent Ransomware Losses

There were literally thousands of ransomware attacks in 2020. Companies, small and large, municipalities, educational institutions and others who worked with a managed service provider (MSP) such as Intrust, had fewer headaches and less financial loss than those who gave in to the ransom demands.  

An effective disaster recovery plan includes:

  • Backup, backup, backup! If you are like most businesses, you will need a few different backup solutions for the different types of data you need to protect. Work with your IT team or managed service provider to develop a disaster recovery plan that works for your business and your budget.
  • Train your team now and on a recurring basis. Cybercriminals are crafty. Your team  needs to be proactive and stay ahead of them. Can your employees spot suspicious emails, texts, social posts? If not, they could be tricked into providing access to your network.  Some managed service providers, including Intrust, provide comprehensive cybersecurity expertise as part of their IT support and can help train your team. If you don’t have cybersecurity support, you’ll need to keep up to date on your own. Assign staff to review the latest trends in malicious attacks. Then have them pass on their knowledge to colleagues.
  • Install ransomware protections, including a  firewall  and complete endpoint (aka antivirus or antimalware) protection so you can protect each device. This is the best way to make sure each and every device on your network – every computer, tablet, phone, etc. – is protected. This should be covered if you have a managed service provider.
  • Run simulations of cyber attacks using emails or texts. These simulations identify if there are weaknesses that need to be addressed by re-training. Simulations are one of the best training tools available, although they might be hard to complete without a large IT team or outsourced support.
Posted in
Tim Rettig | IT Support Cincinnati | Intrust IT

Tim Rettig

Tim Rettig, Intrust IT founder and serial entrepreneur, is a tech expert, educator and tireless advocate for employee ownership. His strategic work to build partnerships with clients has made Intrust into one of the fastest growing IT companies—scoring a spot on Inc. 5000’s list of Fastest Growing Private Companies for a total of four years.

Share this Blog

Enterprise Password Management Promo Wide

Is Your Name or Birthday a Part of Your Password?

If so, you’re a part of the 59 percent of people who don’t follow proper password hygiene. More than 70 percent of passwords are used for more than one system, meaning if cybercriminals crack one, they can access a lot more accounts.

Our free Enterprise Password Management Guide will give you the best password hygiene practices to help you secure your computer and your business.

Download the Guide

Explore the Latest Trends in IT

Fundamentals of Information Technology Management - Intrust

IT 101: What Is Information Technology Management?

When was the last time you stopped to think about how your business relies on technology? Information technology management is...
Avoid Pig-Butchering - Intrust IT

Pig-Butchering Scams: What They Are and How to Stay Safe

At Intrust IT, we understand that it may feel like the specter of cybersecurity is always breathing down your neck....
3 Reasons to Replace Aging Equipment - Intrust IT

Three Compelling Reasons Your Company Should Replace Its Aging Computers Before Year-End

As the end of the year approaches, businesses everywhere are evaluating their budgets and looking for strategic opportunities to invest...
What are managed services - Intrust IT

What Are Managed Services? And What Are the Benefits?

Running a business in today’s tech-driven world means you need reliable IT infrastructure. But let’s be honest, managing IT in-house...
Windows 10 End of Life How This Could Impact Your Business - Intrust IT

Windows 10 End of Life: How It Could Impact Your Business

As Microsoft officially plans to end support for Windows 10 on October 14, 2025, businesses need to begin thinking ahead....
AI implementation Roadmap Intrust IT

Master AI Integration With Our AI Implementation Roadmap Guide

AI is one of the greatest technological breakthroughs of the last few years. It has become our handy assistant, data...