Wed | May 12, 2021 | 9:36 AM PDT

Is ransomware now a national emergency?

Spend a few minutes reading this story and then decide for yourself.

Just days before a ransomware attack shut down a crucial fuel pipeline in the U.S., leaders from around the world gave a stark assessment about ransomware: everything is at risk.

Department of Homeland Security Alejandro Mayorkas issued a joint statement with counterparts in the United Kingdom, Australia, New Zealand, and Canada on what is at stake.

"Ransomware is a growing cyber threat which compromises the safety of our citizens, the security of the online environment, and the prosperity of our economies. It can be used with criminal intent, but is also a threat to national security."

And that includes America's energy infrastructure. 

Ransomware as a threat to critical infrastructure 

A ransomware attack in May 2021 forced the Colonial Pipeline to shut down, halting 2.5 million barrels per day of fuel shipments in the eastern United States.

This has led to fuel shortages and an emergency action by President Biden.

And in 2020, there was also a natural gas pipeline disrupted by a ransomware attack.

But the threat to infrastructure goes beyond fuel.

A report by the newly founded Ransomware Task Force (RTF) details a 2019 attack against the U.S. Coast Guard which shut down operations at a facility for 30 hours.

It also warns that an attack on the energy grid, or a nuclear plant, or any kind of critical asset, could result in serious consequences—even human casualties. 

Ransomware targeting healthcare sector

During the course of the pandemic, there has been an astounding number of attacks targeting the healthcare sector. The Ransomware Task Force says attackers hit 560 healthcare facilities with ransomware in 2020, and that is just in the U.S.

Here is one example of a hospital ransomware attack:

"In October 2020, hackers compromised the computer networks of roughly a dozen medical centers across the United States.

These attacks forced the cancelations of surgeries and disruptions in patient care; the University of Vermont Medical Center (UVM) was forced to furlough or reassign about 300 employees as the hospital’s networks were taken offline in the midst of the COVID pandemic, and patients were turned away from scheduled cancer treatments and other medical procedures. The company’s President and COO estimated the attack would cost roughly $64 million before systems were fully restored."

The RTF says this sector needs help from lawmakers: 

"Government policy choices regarding ransomware should focus on this critical threat: statistical analysis reveals that ransomware-driven delays in care in these healthcare systems invariably contributes to a loss of life due to the inability of patients to receive timely care. This
illuminates the risk to human life posed by these attacks—and yet the attackers continue to undertake these assaults with near impunity."

Ransomware's impact on education

Along with healthcare, the education sector has become a priority target for cybercriminals due to remote learning during the pandemic. 

The RTF says that in 2020, 1,700 schools, colleges, and universities were impacted by ransomware in the U.S.

"Ransomware attacks on schools have devastating impacts, including loss of instructional time and the leakage of sensitive data. In early 2021, a ransomware attack on the Buffalo Public School system prevented 5,000 students from returning to in-person learning Monday and shut down online learning for thousands more.

Such attacks also add to budgetary challenges for already under-resourced districts: when Mississippi's Yazoo County School District paid $300,000 as a ransom to recover files encrypted during a ransomware attack, the cost equaled roughly 1.5% of the district's annual budget.

The targeting of schools is not limited to the United States. In March 2021, a ransomware attack left 37,000 students in London and Essex without access to email or coursework. The attack targeted The Harris Federation, which runs 50 primary and secondary schools in the UK. The perpetrators are suspected to have stolen personal data about the organization, including financial details, and posted it on the dark web."

The economic impact of ransomware

Beyond the threat to national security and critical infrastructure, the economic impact must also be taken very seriously.

The chart below shows how fast ransom demands have increased in the last few years:

The total amount paid by ransomware victims increased by 311% in 2020, reaching nearly $350 million worth of cryptocurrency.

As staggering as these numbers are, the economic impact goes beyond just a ransom payment.

"Reported ransomware payments do not cover the costs associated with service downtime and recovery. Total remediation costs are typically several times a ransom payment and are often large enough to cripple many small businesses. In addition, money that flows to the criminal networks creates second- and third-order economic effects, since those revenues go on to fund other types of crime."

Considering all of the examples shared here, what do you think? Has ransomware become a national emergency? Let us know in the comments below.

Comments