Security Market Segment LS
Monday, 16 December 2019 11:02

Tsunami of Windows ransomware attacks hit US public sector bodies Featured

Tsunami of Windows ransomware attacks hit US public sector bodies Image by WikiImages from Pixabay

A veritable tsunami of ransomware attacks hit Windows systems in the US public sector in 2019, with at least 948 government agencies, healthcare providers and educational establishments being affected at a cost estimated to be about US$7.5 billion, the security firm Emsisoft says in a report.

The company said it had intended to release the report on 1 January 2020, but brought it forward after a recent ransomware incident ended with the victim's data falling into the hands of the attacker.

There has been a recent trend for ransomware to be designed not only to encrypt files on a victim's system, but also to exfiltrate the data, and this is what led Emsisoft to state that this kind of behaviour had elevated the ransomware situation to a crisis.

The US organisations affected in 2019 included 103 federal, state and municipal government and agencies; 759 healthcare providers; and 86 universities, colleges and school districts. This led to operations at nearly 1224 individual schools being affected.

Some effects of these attacks on Windows systems were:

  • "Emergency patients had to be redirected to other hospitals;
  • "Medical records were inaccessible and, in some cases, permanently lost;
  • "Surgical procedures were canceled, tests were postponed and admissions halted;
  • "911 services were interrupted;
  • "Dispatch centres had to rely on printed maps and paper logs to keep track of emergency responders in the field;
  • "Police were locked out of background check systems and unable to access details about criminal histories or active warrants;
  • "Surveillance systems went offline;
  • "Badge scanners and building access systems ceased to work;
  • "Jail doors could not be remotely opened; and
  • "Schools could not access data about students’ medications or allergies."

Emsisoft chief technology officer Fabian Wosar said: “The fact that there were no confirmed ransomware-related deaths in 2019 is simply due to good luck, and that luck may not continue into 2020. Governments and the health and education sectors must do better.”

Other effects of the ransomware attacks were:

  • Property transactions were halted;
  • Utility bills could not be issued;
  • Grants to non-profits were delayed by months;
  • Websites went offline;
  • Online payment portals were inaccessible;
  • Email and phone systems stopped working;
  • Driver’s licences could not be issued or renewed;
  • Payments to vendors were delayed;
  • Schools closed;
  • Students’ grades were lost; and
  • Tax payment deadlines had to be extended.

In its report, Emsisoft called for improved security standards and oversight, more guidance, closing the intelligence gap, better public-private sector co-operation and legislative restrictions on ransom payments, among other measures.

Said Wosar: “2020 need not be a repeat of 2019. Proper levels of investment in people, processes and IT would result in significantly fewer ransomware incidents and those incidents which did occur would be less severe, less disruptive and less costly.”


26-27 February 2020 | Hilton Brisbane

Connecting the region’s leading data analytics professionals to drive and inspire your future strategy

Leading the data analytics division has never been easy, but now the challenge is on to remain ahead of the competition and reap the massive rewards as a strategic executive.

Do you want to leverage data governance as an enabler?Are you working at driving AI/ML implementation?

Want to stay abreast of data privacy and AI ethics requirements? Are you working hard to push predictive analytics to the limits?

With so much to keep on top of in such a rapidly changing technology space, collaboration is key to success. You don't need to struggle alone, network and share your struggles as well as your tips for success at CDAO Brisbane.

Discover how your peers have tackled the very same issues you face daily. Network with over 140 of your peers and hear from the leading professionals in your industry. Leverage this community of data and analytics enthusiasts to advance your strategy to the next level.

Download the Agenda to find out more


Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.



Recent Comments