7 Industries Where Hackers Are Using Ransomware

ransomware attacks in various industries

Even before WannaCry spread throughout the world at an alarming rate, infecting millions of public and private organizations along the way, ransomware had already taken foothold across various parts of the world since 2012 and has been responsible for disrupting the everyday functions of all types of organizations in various industries. In many cases, the payment that the hackers demand in the form of ransom can range in the tens of thousands of dollars. And with 76 percent of ransomware attacks striking via email, the probability of ransomware attacks reaching your industry is high. Below are just some of the industries where ransomware has taken root:

1. Healthcare

Gone are the days of depending solely on handwritten logs, and hospitals are no exception when it comes to record keeping. With huge databases storing and patient records managing as well as other medical files, security is extremely important to health providers. Because medical data is highly valuable, hospitals are repeated targets of ransomware attacks long before WannaCry crippled several UK hospitals with devastating consequences. In February 2016 for example, it was reported that the Hollywood Presbyterian Memorial Medical Center paid $17,000 in bitcoin to restore and regain access to their systems. The hospital cited that paying up was the most effective way to quickly remedy the situation. The Hollywood Presbyterian case was one of the earliest cases in which a ransomware attack attempted to shut down a hospital, and it won’t be the last.

2. Entertainment

The infamous Sony hacking revealed that the entertainment industry is a major target of cyberattacks. The leak ended up costing the company millions thanks to  associated costs like legal fees, restoration fees and system upgrades. Last month, hackers obtained a copy of Netflix’s original series Orange is the New Black and threatened to leak episodes of the new season if ransom was not paid. The company remained unresponsive prompting the hacking group behind the threat to leak the episodes. While hackers did not compromise the internal systems themselves, it is evident that ransomware attacks have inspired cyber crooks to hold valuable web assets, in this case an entire online series, hostage for ransom.

3. Hospitality & Tourism

In the hospitality and tourism industries, it is top-notch customer service that sets a company apart from its competitors. After all, a happy customer is a loyal customer, and companies will go to great lengths to ensure customer satisfaction. For one Austrian luxury hotel, a ransomware attack meant customer safety may have been compromised. Initially, reports claimed hotel guests were being physically locked out of their rooms through their electronic door locking system until ransom was paid. Fortunately, their internal system was able to unlock the keypads but no new room keys could be issued. The ransomware attack prompted the company to not only pay up but also switch back to traditional keys.

4. Government

Because of their influence in public affairs, government and its officials have also become major targets of cyber attacks. Although government systems are sure to be highly secured, there is always the possibility of a hacker breaking into the system. Earlier this year, the democrats in Pennsylvania’s state Senate became victims of a ransomware attack leaving the government officials unable to access their computer network. While there was no indication on whether sensitive data had been compromised, officials declined to reveal further information or whether or not backups were installed. Besides monetary gain, there is no definite way of telling whether the ransomware attack was politically motivated.

5. Education

Educational institutions rely heavily on computer networks to store and manage data for both faculty and staff. From emails to school records, it’s hard to imagine how administrators can operate an entire school without access to computers. A ransomware attack would mean student records and grades are inaccessible, which can bring chaos with a new semester quickly approaching. Such was the case with the Los Angeles Community College District who agreed to pay a hefty sum of $28,000 to regain access to their systems and data after being hit with a ransomware attack. The school was able to use money from a cybersecurity insurance policy to cover the demands of the hackers and were given the decryption keys to unlock files and restore the files back to the computers.

6. Public Services

We rely on core infrastructure like electricity to operate our cities but because the average person is not typically at the forefront of these operations, we rarely think of the severe consequences that a potential ransomware attack on these key infrastructure may have on our daily lives. For example, an attack aimed at a city’s water treatment plant can mean repercussions for water management utilities and the general population’s heating, and air conditioning systems. At a recent RSA Conference, security researchers simulated a ransomware attack and demonstrated how hackers could hold critical utilities hostage until the city paid ransom (in this particular simulation, threatening to release dangerous levels of chlorine into water supplies, which would make water unsafe to drink). San Francisco’s transit stations were hacked in a similar case, leading city officials to open fare gates and to shut down ticket kiosks.

7. News media

Many find new sites to be credible sources of information, but that doesn’t mean readers are not subject to cyber attacks when visiting their sites. Big media names are a source of the current news around the globe, meaning daily readership is high, so what better way for hackers to reach their target of tens of thousands of readers through ads? Media sites such as The New York Times, the BBC, MSN, and AOL became victims of cyber attacks after hackers injected malicious ads into their sites which forcefully install ransomware on the computers of the visitors. While the ransomware did not infiltrate the computer networks of the big media sites, ransomware attacks found another pathway through malicious ads.  



Corporations or even small and medium sized businesses who were not affected by WannaCry should still be wary of ransomware attacks. Ransomware has hit different industries across the board, and with ransomware evolving to target IoT devices (coined “jackware”) there is a growing need to secure key infrastructure and vulnerable industries. Applying preventative measures like monitoring security networks and performing regular penetration tests to exploit the weaknesses in the network can be an effective form of defense but it’s not the only defense. For more information on managing ransomware check out these tips.