Ransomware

To pay or not to pay – that is the question regarding ransomware attacks against municipal services. But if some states have their way, victims may no longer have a choice.

Two states – North Carolina and Florida – have passed legislation prohibiting public ransomware payments, and other states are considering similar measures. But it’s too early to tell yet whether such laws have had an impact. In the less than three years since the North Carolina bill passed, attacks have dipped slightly and still number in the hundreds.

“Thank you, but we already have identity theft protection.”

Our salespeople occasionally hear this response from decision-makers at prestigious national organizations. They believe identity theft protection is the same as online privacy protection, and assume that having one means they don't need the other.

The Crucial Difference

Think of it this way:

Vulnerable to ransomware? It’s not your servers – it’s your people

That’s the title of an article written by Ironwall by Incogni's CEO Ron Zayas that appeared as the top story on the DOTmed HealthCareBusiness News website, a trusted healthcare industry resource with a substantial daily readership.

If you guessed ransomware, you are correct.

But wait – if you pay the ransom, doesn’t that mean your systems get restored and nothing is lost? Unfortunately, that’s not the case, as a new report confirms.

The findings, based on a survey of 1,200 organizations that experienced a ransomware attack, found that an average of 43% of compromised data disappears forever, whether the ransom is paid or not.

Recently, prominent insurance industry publications published articles by Ironwall by Incogni CEO Ron Zayas, discussing the ongoing ransomware threat and strategies to keep organizations safe.

The articles, published in Insurance News Net and PropertyCasualty360, both focused on the challenge facing insurance companies and all financial services organizations from the rapidly rising risk of a data breach, and the serious repercussions that follow. 

The healthcare industry is a prime target for ransomware, as illustrated in the recent breach at Ascension and the devastating attack on Change Healthcare, which cost the company more than $870 million. 

IronWall360 CEO Ron Zayas recently contributed an article to 24x7, a healthcare organization publication, about the evolving methods of ransomware delivery.

Any company that tries to sell a product or service will experiment with several different approaches until they find one that is successful. Unfortunately, this same strategy is now being used by scammers to find the best content for a phishing email that will deliver a ransomware payload.

A new ransomware headline appears every week, a frightening indication of how prevalent such attacks have become. But when Change Healthcare, one of the nation’s largest providers, was hit in February of this year, the impact was severe enough to draw the attention of the US Congress. 

While the exposure of patient records in the attack was concerning enough, broader repercussions were even more severe. The disruption extended beyond the data breach, impacting practitioners, pharmacies, insurance companies, and patient care:

Data breaches and ransomware attacks are a global threat – but a recent report revealed that American organizations are a favorite target.

According to critical infrastructure security company Dragos, 44% of ransomware attacks last year targeted North American organizations. And every year, the number of breaches goes up, as does the number of victims. In January of 2023, T-Mobile announced that an unidentified malicious intruder breached its network and stole data on 37 million customers, including home addresses, phone numbers and dates of birth.

Curious about your ancestry? Or looking for early warning signs of health issues that might be prevented? If so, you may have elected to have your DNA analyzed by a company that can provide those answers. But what happens if that company gets hacked?