COVID-19 UPDATE: We are offering free ransomware help for healthcare organizations during the Coronavirus outbreak.   Click here for more information.

Beyond the figures: Exploring the hidden costs of ransomware

  • April 16, 2020
  • 6 min read
Beyond the figures: Exploring the hidden costs of ransomware

In the past, we’ve talked extensively about the impact of ransomware on both the U.S. and a global scale. But what these reports fail to capture is the effect of ransomware in minutiae; how it has forced small businesses to shut down, allowed criminals to escape and prevented patients from accessing drugs and health care.

In today’s post, we’re going to go beyond the financial figures and explore 10 ways ransomware has impacted the day-to-day lives of small businesses, employees, students and hospital patients around the world.

1. Police lose evidence, alleged criminals walk free

Ransomware attacks on police departments have severely impacted 911 services. Police stations have been forced to use inefficient pen and paper systems, evidence has been lost and suspected criminals have been allowed to walk free.

2. Disrupted digital HVAC leads to mold growth at Ohio schools

More than 1,200 schools in the U.S. were affected by ransomware in 2019, as noted in our report, The State of Ransomware in the US: Report and Statistics 2019. Often the effects were predictable – grades were lost, the staff was unable to access data about students’ medications or allergies, schools were temporarily closed down – but sometimes an attack had unexpected consequences.

In May 2019, the Coventry Local School District was hit with Trickbot, which brought down the phone systems and forced some schools to shut down for a day. The attack also affected some schools’ Internet-connected HVAC units, resulting in a loss of temperature control, which led to potentially harmful mold growing inside the affected schools.

Download now: Emsisoft Anti-Malware free trial.

Antivirus software from the world’s leading ransomware experts. Get your free trial today. Try It Now

3. Real estate transactions halted in Baltimore

In May 2019, Baltimore city was infected with RobbinHood. In addition to disrupting almost every government department, the attack also had a profound impact on the real estate market.

Essential systems required for real estate deals were brought offline, halting property transactions during what is typically one of the busiest months for Baltimore’s property market. Property transactions could not be completed as title insurance companies were unable to check the status of property lies or verify taxes owed or water bills, and were therefore unable to issue title insurance to homebuyers. It took two weeks for the government and real estate officials to develop a manual workaround.

4. Hospitals forced to turn away new patients, surgeries delayed

While ransomware attacks are usually financially motivated, for victims there’s often more than just money at stake.

This is particularly true in the healthcare sector. Ransomware groups have frequently targeted healthcare organizations as the threat of life-endangering downtime puts significant pressure on victims to pay the ransom. Attacks have delayed surgeries, forced hospitals to turn away new patients, caused the loss of patient data and even forced some healthcare providers to close their businesses permanently.

5. Cyber insurance premiums skyrocket

Cyber insurance has come to play an important role in ransomware risk management strategy. Cyber policies typically cover not only the ransom but also a range of associated costs, including data recovery and legal liabilities. A flurry of costly claims in recent months has resulted in U.S. insurers increasing their cyber insurance premiums by as much as 25 percent.

6. Australian wool auctions delayed, affects cash flow for SMBs

In February 2020, wool sales across Australia ground to a halt after Talman, a software supplier used by more than three-quarters of the wool industry across Australia and New Zealand, was hit with ransomware. The wool auctions, comprising some 70,000 bales, were abandoned for the week, affecting the cash flow of some wool growers who were not able to make loan repayments and were subsequently hit with interest rate charges as high as 18 percent.

7. Nursing homes unable to order drugs for patients

In November 2019, 110 nursing homes across the U.S were crippled by Ryuk following an attack on their IT service provider, Virtual Care Provider Inc (VCPI). Almost all of VCPI’s servers were affected, including Internet service, email, access to patient records, and phone and client billing systems. In some care facilities, nurses were unable to order new drugs, putting the health and lives of patients at risk.

8. Reliance on paper systems increase the risk of internal theft

Ransomware incidents often render a company’s phone, email and billing systems unusable, forcing organizations to resort to pen and paper. Not only are manual systems less efficient, but they also have the potential to be abused by the unscrupulous staff looking to take advantage of the organization during an already difficult time.

From November 2017 to January 2018, City of Spring Hill’s Finance Department was only accepting cash and check payments due to a ransomware incident in early November, which impacted the systems used for payment processes. An accounts receivable clerk took advantage of the situation to steal at least $1,543.96 from 19 customers who had deposited money in the city’s payment drop box. The clerk responsible was fired from her position in February 2018 and indicted in September 2019.

9. Companies go out of business, employees lose jobs

In some cases, the disruption caused by ransomware has been so extreme that jobs have been lost and businesses have been permanently shut down.

10. Freight deliveries delayed

Ransomware has caused extreme problems in the logistics sector, where security and timeliness and of the utmost importance.

In June 2017, logistics giant Maersk found itself caught up in one of the most devastating ransomware attacks of all time. As many as 4,000 servers and 50,000 endpoints were infected, spread across 600 sites in 130 countries. Disruption was widespread: the company’s website went down, no new bookings could be made and the data identifying the inventory of Maersk’s 800 ships had been wiped. All in all, Maersk estimates the attack cost $300 million in damages.

In February 2020, Australian transportation and logistics company Toll Group was hit by a variant of the Mailto ransomware. The incident brought down a number of the company’s IT systems, causing significant delivery delays and affecting freight volumes.

Conclusion

To those who have never experienced a ransomware incident, ransomware might seem little more than an abstract digital threat. But the effects are real. Hospitals shutting down, suspected criminals walking free and people losing their jobs – these are just some of the ways ransomware has impacted the world around us.

Jareth

Jareth

Writer. A picture is worth a thousand words but unfortunately I can't draw. The world of IT security has always fascinated me and I love playing a small role in helping the good guys combat malware.

What to read next

Reader Comments