Right before Christmas 2019, Arkansas based telemarketing firm, The Heritage Group, announced it was closing the company down. Earlier, in October, the company suffered a ransomware attack that crippled the computer systems of the firm. The company had paid the ransom demanded but had been unable to restore its systems. Just before Christmas, the company’s leadership sent out a letter to all of its employees announcing that due to the attack, the company was forced to close. Ransomware attacks on small businesses increased at an alarming rate in 2019. Find out what you can do to protect your own business or practice from a similar fate.
In October 2019, The Heritage Group was attacked by unknown attackers. It was infected with ransomware that encrypted the data on all of their servers. The company apparently didn’t have sufficient backups to restore operations. The company decided to pay an unknown amount in ransom to gain back access to their data. However, even after paying the ransom, the company wasn’t able to recover. They kept working on the problem right up until before Christmas.
The company estimated in the time it was down, it had lost hundreds of thousands of dollars in revenue. This, along with not being able to properly restore their systems to operational status, forced the management of the company to halt operations. In a letter to employees, management informed the employees of what had occurred and what they had tried to do to restore operations. However, even after two months of attempts, they were unable to recover. Employees stated that they had no idea that a ransomware attack had even hit the company.
This attack is similar to the ENT practice in Michigan that was forced to close down in 2019 after a ransomware attack. The practice had no backups and the managing physicians made the decision to close the practice rather than trying to recover. This left thousands of patients with no access to their medical histories and information.
Ransomware Attacks on Small Businesses are Increasing
In 2019, Malwarebytes, an anti-malware software company, discovered that attacks had increased 363 percent from the previous year. In a report, they detailed their findings that attackers were targeting small businesses more frequently. They also noticed a sharp uptick in attacks on healthcare organizations, local and city governments, and schools.
The report noticed a shift aware from consumers to target more businesses and government offices. If an attacker goes after a consumer, they usually just get access to one computer. But if they manage to make it into a commercial or government network, then they will have access to a much larger amount of computers. The amount of ransom that can be demanded is also much larger. Recently, two cities in Florida that were both hit with ransomware attacks decided to pay up over $500,000 each to get access to their data.
It is estimated that ransomware attacks on small businesses force closure in 20% of the companies attacks. Either the company can’t afford to pay the ransom (and have no backups of their data) or they pay it and still aren’t able to restore operations. This is a new threat to the very survival of businesses in the US.
FBI issues alert on attacks
On October 2nd, 2019, the Federal Bureau of Investigation issued a warning about how ransomware had been seeking out American small businesses to target. The losses of these attacks have increased year after year. In addition, attackers have found ways to remain hidden and launch even more effective attacks on poorly defended businesses.
In the same announcement, the FBI provided many measures organizations can take to protect themselves from these sorts of attacks. Examples include:
- Make regular backups of data and verify that the backups are complete and usable
- Ensure that each device on your network has anti-malware software that auto-updates and scans in real-time
- Keep all operating systems on current support versions and patched
- Protect all remote access through Remote Desktop (RDP)
- Use strong, secure passwords
- Awareness training for staff on what not to do and how to report incidents when they happen
- Implement least-privilege on all access – if the user doesn’t need access, not allow them to have it
Does all of this look familiar? They are all also requirements under HIPAA regulations.
You can view the FBI’s public service announcement here.
What used to be just an annoyance to home users has now become a serious threat to businesses of all sizes. However, smaller businesses and practices are much more at risk. Ransomware attacks on small businesses have the ability to force those companies to shut down completely. The more data we store on our computers, the more reliant we become on them. When we can’t access that data to manage and run our businesses, most wouldn’t be able to operate.
Protecting yourself from ransomware is not only a responsibility you have to your customers or patients, but it is also a responsibility you have to your employees and yourself. Your very livelihood as a business owner is potentially at stake.
Ensure you have the proper backups that you test regularly of all of your data. Keep a copy offsite so that it is impossible to become infected with ransomware. Make sure you provide training to your staff on ransomware and how it tries to enter your computers. They are often the weakest link to all of your security plans. Make sure all computers are kept up to date with the most current versions of all software and patches. If you use remote access for employees, make sure that you use it through a VPN connection and have very strong passwords. Lastly, make sure you have good commercial grade anti-malware software on every computer. Following these steps will greatly reduce your vulnerability to this very serious threat.