In just one year, the sale of ransomware on the dark web grew more than 2,500 percent, meaning cybercrime has become a game everyone wants to play. In 2016, the ransomware market on the dark web was $249,287, but by October 2017, it exceeded $6 million.
Although not all of the notable cyberattacks from this year can be attributed to ransomware, a type of malware that encrypts files until the victim pays hackers the requested ransom, malware campaigns and other vulnerabilities exposed data on millions of consumers in 2017.
Here are the 10 biggest malware campaigns and high-profile cyberattacks that affected business operations around the globe in 2017 reported by Becker's Hospital Review. The incidents are listed in the order they were reported.
1. HealthNow Networks. A former developer at HealthNow Networks — a shuttered healthcare telemarketing company in Boca Raton, Fla. — uploaded an unencrypted backup database to a virtual server on Amazon Web Services, exposing 918,000 healthcare consumers' records.
2. WannaCry. In May, a worldwide ransomware attack hit organizations across multiple continents, infecting FedEx and bringing down operations for at least 16 of the U.K. National Health Service's facilities. WannaCry exploited a vulnerability discovered and developed by the U.S. National Security Agency. Hackers requested at least $300 in bitcoin to unencrypt victims' files, and in August, they cashed out more that $143,000 from online wallets associated with the hacks. Here are the lessons learned from this exploit.
3. Washington State University. The names and personal data of nearly 1 million people throughout the state of Washington were comprised when a backup hard drive was stolen from a safe belonging to WSU's Social and Economic Sciences Research Center in April.
4. NotPetya. A worldwide cyberattack attack originally believed to be a ransomware variant called "Petya" infected computer systems in more than 60 countries June 27. Security researchers later determined Petya is not a ransomware and instead it's a "wiper," dubbing the attacks "NotPetya." The attacks compromised government systems in Ukraine, operations at pharmaceutical giant Merck and business at a Pennsylvania health system, as well as Nuance Communications, a voice and language solutions provider, which attributed nearly $68 million in losses to NotPetya throughout its latest fiscal year. Merck said it lost an estimated $135 million in sales to the cyberattack.
5. Verizon. Roughly 14 million Verizon customers' records were potentially jeopardized when a security researcher discovered customer files on an Amazon S3 storage server operated by an employee of Ra'anana, Israel-based Nice Systems, a third-party vendor used by Verizon in June. The company called the breach "overstated," adding there has been no loss or theft of Verizon or Verizon customer information. The company also emphasized customer PINs were not linked to accounts and were only used to verify customers at call centers.
6. Defray. Proofpoint threat researchers identified a "previously undocumented ransomware strain" in August that demands up to $5,000 in bitcoin from its targets. Researchers observed two targeted attacks involving the Defray variant, one struck the healthcare and education industries and another hit the manufacturing and technology industries.
7. Locky. A Florida-based cybersecurity firm observed more than 23 million emails delivering Locky ransomware in just 24 hours in August. AppRiver noted the emails included a ZIP attachment containing a file that initiated a sequence of events, eventually downloading the latest Locky ransomware. Locky was one of the most frequently detected ransomware variants in 2016, although it had waned in prevalence in recent months.
8. Equifax. The massive cyberattack that rattled Atlanta-based consumer credit reporting agency Equifax in July affected nearly 145.5 million people globally. Since the company waited until September to notify customers to the breach, lawmakers pushed for legislative reform and a number of senior-level and C-suites stepped down amid suspicious share selling activity. The company said it spent $87.5 million in the third quarter on recovery efforts.
9. Bad Rabbit. Bad Rabbit is a ransomware variant similar to NotPetya that affected media outlets in Russia and transportation and infrastructure organizations in Ukraine in late October. Computers became infected when users downloaded a fake Adobe Flash installer from infected websites, and hackers requested 0.05 bitcoin, or $284, at the time of the attacks.
10. Uber. Uber paid hackers $100,000 to cover up a cyberattack that affected 57 million riders and drivers in October 2016. The attack remained under wraps for just over a year until the ride-hailing company ousted its chief security officer and one of his deputies for their roles in the cover-up.
Although these are high profile businesses, cybercriminals don’t discriminate, and a ransomware attack can happen to your business, too. As you look to 2018, and begin to lay out your business plan for the year ahead, security must be integrated across all areas of your business to mitigate your risks. This month, take the time to analyze your current security practices, and learn how you can be better protected moving forward.
If you’re considering additional protection, check out IT Solutions' advanced security plans which include features such as routine phishing training and testing to identify which users are most vulnerable to an attack.
Want to learn more about how IT Solutions can take your network securtiy to the next level? Check out this two-minute video to learn about some of the ways ITSecure and ITSecure+ can protect your business.