Levi, Ray & Shoup, Inc.

Are you aware of ransomware?

7/21/2022 by LRS IT Solutions

Did you know that there have been five major ransomware attacks already this year?

Just after the new year, Bernalillo County, the largest county in Mexico, discovered that it had been the victim of a paralyzing ransomware attack which took a jail offline.

That attack knocked security cameras and automatic doors in the Metropolitan Detention Center offline, so inmates had to be confined to their cells. The Center had to severely restrict movement of inmates, a potential violation of a 25-year-old settlement agreement over the conditions of inmate confinement. 

In February, Nvidia, the world’s largest semiconductor company, was hit.

The ransomware group Lapsus$ took responsibility for the attack and claimed that they had access to 1TB in exfiltrated company data that they would leak online. It also demanded $1 million and a percentage of an unspecified fee from Nvidia.

Between February and March 2022, three Toyota suppliers were hacked, showing us that no matter how large and secure your organization may be, a determined threat actor can and will find a way to break in.

Kojima Industries was the first Toyota supplier to be hit by a cyber-attack (not necessarily a ransomware attack) that caused the giant to halt operations in 14 of its Japanese plants. This hack is said to have caused a whopping 5% dip in the company’s monthly production capability. 

Two more Toyota suppliers, Denso and Bridgestone, fell prey to ransomware attacks within a span of 11 days. Bridgestone’s subsidiary experienced a ransomware attack causing the computer networks and production facilities in Middle and North America to shut down.

The first ransomware attack on the nation of Costa Rica began in early April and brought the ministry of finance to its knees, impacting not just government services but also the private sector engaged in import/export.

Ransomware group Conti took responsibility for the first attack, asking the government to pay the ransom of $10 million and later increasing it to $20 million.

On May 31, another attack plunged the country’s healthcare system into disarray. This attack, linked to HIVE, affected the Costa Rican social security fund. This attack directly affected the common Costa Rican person as it took the country’s healthcare systems offline. 

Indian airline SpiceJet faced an attempted ransomware attack earlier this year, leaving hundreds of passengers stranded in several locations in the country.

While the airline underlined the fact that it was only an “attempted” ransomware attack and that its IT team managed to contain the situation, the incident exposed serious cybersecurity gaps in one of the world’s largest aviation markets.

Those are just the five major ransomware attacks so far this year, and we’re only in July. Don’t take comfort in the fact that most of them occurred outside the US; as we reported a month ago, we rank highest in the world for ransomware attacks.

Worldwide, ransomware cost the world $20 billion in 2021, a number that is expected to rise to $265 billion by 2031. Here are some other numbers from last year:

  • In 2021, 37 percent of all businesses and organizations were hit by ransomware.
  • Recovering from a ransomware attack cost businesses $1.85 million on average in 2021.
  • Out of all ransomware victims, 32 percent pay the ransom, but they only get 65 percent of their data back.
  • Only 57 percent of businesses are successful in recovering their data using a backup.

If you’re wondering why we’re shining a light on specific attacks and global statistics, it’s because July is Ransomware Awareness Month. Are you aware of the constant threat of a ransomware attack?

If not, it’s lucky for you that our Security team is always aware of the threat organizations face from the full range of bad actors, including those intent on hacking into your systems and holding them for ransom. Our Security specialists can assess your environment’s security posture and provide an action plan for fixing vulnerabilities. Contact us for a free consultation.

Don’t let your organization be the next example of a ransomware attack.