Ransomware isn't going away; it's a local and global threat that demands ongoing vigilance, especially in rural areas

Image by Markus Spiske, Unsplash

It's a global problem, and rural areas are more vulnerable. It's not Covid-19, it's ransomware. "What was once an easily squashed nuisance is now seen as a persistent threat," reports Mike Allen of Axios. "Ransomware attacks, which take an organization's data hostage and shut down its systems until the hackers receive payment, have exacted an escalating price on law enforcement, policymaking and financial resources around the world."

What does a rural ransomware attack look like? "Westmoreland, Kansas, is the seat of Pottawatomie County and home to around 750 of its 25,000 residents. . . . [In 2021] data was stolen from Pottawatomie County’s computers by cybercriminals who paralyzed its systems with ransomware and left some services inaccessible to residents for weeks," reports Andrea Peterson of The Record, a cyber news source. "The infiltration and the County’s reaction highlights the complicated economic, financial, and social factors at play when local government systems are compromised. . . .The attackers originally demanded $1 million, but settled for $71,250 after 'a successful negotiation' highlighting the County’s limited financial means."

Along broader lines, last week, cybersecurity professionals gathered to discuss ongoing global challenges. "Rob Joyce, the National Security Agency's director of cybersecurity, told reporters that Russian hackers are now weaponizing ransomware in attempted attacks against Ukrainian logistics supply chain companies, as well as organizations in Western-allied countries," Allen adds. "Cybersecurity firm Sophos said in a report released Tuesday that 68% of cyberattacks last year involved ransomware. . . . A panel on the last day of the gathering acted out what the federal response to a hypothetical, Iran-backed ransomware attack on U.S. banks in 2025 might look like."

Fighting ransomware attacks is taking a consistent, long-term approach. "Many ransomware operators are based in Russia, where the Kremlin tends to turn a blind eye to cyber criminals targeting Western countries. . . . Organizations still struggle with basic cyber hygiene to protect themselves," Allen reports. "Government sanctions, internet server takedowns and criminal arrests have slowly but steadily reduced businesses' willingness to pay ransomware gangs, Tom Hofmann, chief intelligence officer at Flashpoint, said. . . . The number of ransomware attacks dropped 15% between 2021 and 2022, according to recent data from Google-owned threat intelligence firm Mandiant. But that came after they skyrocketed the year before."