What Are The Targets of Ransomware?

open lock

This year has been especially challenging for the world of Cybersecurity.  One of the main catalysts for this has been the sheer explosion in the number of Ransomware attacks, which is completely unprecedented.  What is making this so hard to try to keep up with is that there are new variants of it coming out nearly every day.  The Cyber attacker has even come out with new ways to keep their breaches and digital footprints covert.

In this article, we briefly cover what Ransomware is and what its primary targets are.

What Is Ransomware?

Ransomware is actually a form of Phishing.  When you accidentally open a suspicious email and open up the attachment or click on a malicious link, you are actually creating a back door in which the Cyber attacker can deploy the malicious payload.  

Once this has been installed, it takes hostage of your computer and encrypts all of the files within it so you will not be able to access them.

Theoretically, the only way to gain back access to your computer is if you pay the ransom, which has to be done in the form of a virtual currency, such as Bitcoin.  Once the Cyber attacker has received this payment, the thinking is that he or she will then send you the decryption algorithms so that you can gain access back to your computer.

But this rarely ever happens, and there have been only very few Cyberattack groups that have followed up with this promise.  In fact, Ransomware attacks have become far worse.  For example, many of them now involve the tactics of extortion.  

In this scenario, if payment is not made, threats are then made that the confidential information and data that has been stolen will be made available to the public and on the Dark Web for sale.

Who & What Are Ransomware’s Biggest Targets?

This is the next most asked question about Ransomware.  The bottom line is that just about anybody or any business can become a victim.  Even the targeted device can vary.  It can be your hard-wired computer, your smartphone, or another form of wireless device.  

There are no favored or heavily sought-after targets in this regard.  In fact, if you have multiple devices, they could all be hit simultaneously, or even individually, at various intervals.

But there are favored industries that the Cyber attacker likes to go after, and these include the following:

  1. Our own Federal Government:

The US Federal Government is infamously known for using extremely outdated technology.  Many of them still use unsupported software products, such as Windows 7 and 8.  Also, there are some that still rely upon using mainframe-based components, such as the IRS.  Because of this, deploying and applying the latest software patches and upgrades has become an impossible task. Worst yet, you simply cannot rip out these legacy systems and install new ones, as there will then be interoperability issues.  Because of this, one of the prime directives of the Biden Executive Order on Cybersecurity is that the government, over a period of time, must start to replace these aging systems.  Also, many of the agencies from within the Federal Government have not deployed any sort of endpoint protection, thus making them also a highly favored target in which malicious payloads are deployed.

2. The Healthcare Industry:

This is one of the very few market sectors in which controls and keeping devices up to date are being established, and the driving force behind this is HIPAA.  But even despite this, Ransomware has still impacted this industry hard.  One of the reasons for this is that there is a lot more at stake to be captured other than just credit card numbers and passwords.  There is the patient’s medical history and related data.  If this is hijacked, it is quite possible that the Cyber attacker could even get access to the patient’s medical device and launch covert attacks upon that.  The effects of this can be devastating, such as possible loss of life of the individual if their particular device has been remotely tampered with.

3. Colleges and Universities:

Before Cyberattacks became the norm in our society today, many of the higher-level educational institutions felt that they would never become a prime target.  As a result, very little effort was done to ramp up the level of security onto the campus servers and the workstations at the various computer labs.  Because of this, the education segment also has become a favored target for Ransomware attacks.  One of the reasons for this is that younger students tend to be much more impressionable and it is quite easy for them to fall victim to just about any type of threat variant.  For example, Phishing emails are used quite often, luring students into getting low-interest loans, or even getting expensive textbooks for free.  Also, a newer technique that has been developed is Cyberattackers who are claiming to be freelancers with the promise of writing term papers for literal pennies on the dollar.

4. The Recruiting Industry:

Out of all of the other segments reviewed in this article, this is probably the easiest one in which a Cyber attacker can launch a Ransomware campaign.  One of the main reasons for this, even for a trained eye, is that it is very difficult to tell what is real and fake.  For example, with the COVID19 pandemic, many phony and fictitious recruiting websites have been launched using heisted domain names, which make them look like the real thing.  Also, the use of Social Engineering tactics is used quite heavily here, with Robocalls being placed mimicking genuine recruiters.  Another technique used now more commonly is that of “Smishing.”  This is when fake, illegitimate text messages are sent to mobile devices with a link to click.  And if this happens, that particular wireless device will more than likely be used in a Ransomware attack.

How Can Your Keep Your Business Protected?

Ransomware has become a major threat in today’s online landscape. Cyberattackers continue to develop new techniques and strategies to deploy their malicious software across a variety of industries. It is important to keep yourself and your organization up to date with the latest information of these attacks to protect yourselves and your clients’ data. If you are needing assistance with Ransomware Protection and advice on protecting your organization, you should always consult first with a Managed Service Provider (MSP). Results Technology is an award-winning MSP that specializes in IT compliance, financial institution IT solutions, and cybersecurity. Give us a call today if you would like to schedule a free consultation with one of our experts.