The WannaCry worm that attacked the United Kingdom’s National Health Service in May 2017 was arguably the most highly publicized ransomware attack, but it wasn’t the first and won’t be the last.

Ransomware on healthcare organizations will quadruple by 2020, according to The Ransomware Damage Report from Cybersecurity Ventures, the world’s leading researcher covering the global cyber economy. The Cisco 2017 Annual Cybersecurity Report  shows that ransomware is growing at a yearly rate of 350%.

In the U.S. this spring, attackers demanded about $50,000 worth of bitcoin from Atlanta after they infected the city’s systems with the SamSam malware.  Atlanta spent more than $2.6 million on emergency efforts to respond to the ransomware attack, which destabilized municipal operations for almost a month.

The same SamSam malware hit Colorado’s Department of Transportation. Their back-end operations were offline for six weeks after the attack that started March 2, 2018. As with case in Atlanta, the attackers demanded bitcoin in exchange for the key to recover encrypted computer files. Colorado officials refused to pay, but they had to clear each computer. The Colorado National Guard helped more than 100 IT professionals to investigate, contain and recover. The cost? Up to $1.5 million, according to the state.


Ransomware attacks haven’t dominated cybersecurity news in recent months. Instead, social media misuse and election security have commanded the headlines. While ransomware is not as prevalent in the news as it was a year ago, it is still out there. Just as what you say on the internet stays around “forever”, so does malware.  As malware changes over time, older versions are floating around testing unpatched and unsecured systems. They are also being reworked to do more harm, be less detectable, or add other malicious activities.

You can reduce the risk of infecting your business by educating your workforce and stopping vectors, like phishing e-mails, with IDS/IPS (Intrusion Detection Systems and Intrusion Prevention Systems).

Learn about our IDS/IPS service — Garnet Shield

Main Source of Ransomware — Phishing Attacks

Phishing is a form of fraud in which the attacker tries to learn information, such as usernames, passwords or credit card numbers by pretending to be a reputable entity or person in an email to the victim. According to Inspired eLearning, 91% of hacking attacks start with phishing emails, and 9 of 10 phishing emails carry ransomware.

Phishing attacks are becoming more sophisticated. Earlier this summer, scammers perpetrated a new tactic. The email from the scammer includes an old, or perhaps current, password that belongs to the victim. People’s data floating around the internet, often for sale thanks to the recent database breaches at major companies like Yahoo!, eBay, Target and Equifax. That information is now being used in phishing scams.

Security Awareness Training Is Key

We have tips for how you can protect yourself and avoid the phishing net. The most important tip, especially from the perspective of a company or organization, is security awareness training. PhishProof Anti-Phishing software, for example, can reduce an organization’s phishing susceptibility by 92%. With new methods of attack being created all the time and with employee turnover, security awareness training is always a wise choice.

Employees can be a weak point in your security infrastructure. Educating them can turn them into a strength.

Authors of the 2018 Hiscox Cyber Readiness Report agree, stating “Simply spending on technology is not enough without a fully structured, rigorous set of processes combined with people who are fully aware of the issues.” Their report reveals that 55% of experts in the field plan to lift their spending on training while 29% of managers with only basic information security knowledge have the same spending increase plans. The gap between these responses illustrates that information security controls are more important than the are perceived.

Employees who embrace online security awareness training are better equipped to recognize phishing attempts and other malicious activity. Your organization’s data and network are safer because of trained employees.

Just one innocent click on a baited link in a phishing email can compromise an entire network.
Consider these phishing stats from Inspired eLearning:

  • More than 2 million phishing emails are sent every day
  • 30% of phishing emails are opened
  • 91% of hacking attacks start with phishing emails
  • 90% of phishing emails carried ransomware (March 2016)

Learn more about Garnet River’s Security Awareness Training solution