Over the past year, the BakerHostetler Incident Response team
has closely monitored data breach trends, and we are confident in
concluding that 2016 was the year of ransomware. Nothing has had a
greater impact or has been as widespread in 2016 than
From a hospital in California to a police department in
Massachusetts, ransomware has been a plague for organizations large
and small. And yet, despite being around for years, 2016 was the
year ransomware became an epidemic. Security firm Kaspersky Labs
estimates that in the third quarter of 2016, a ransomware infection
was occurring every 30 seconds, and a November 2016 study by
SentinelOne found that half of all companies surveyed reported a
ransomware attack in the past 12 months. With the FBI announcing
that ransomware was on track to be a billion-dollar criminal
enterprise, it's no secret that money has been fueling this
If you haven't experienced a ransomware infection, don't
worry, you will. And while the impact of ransomware on your
organization could be catastrophic, with advance preparation, it
doesn't have to be. The key is solid employee training, proper
network segmentation and backups that are complete, up-to-date and
regularly tested. Organizations that have prepared for an infection
may find that ransomware is little more than a nuisance, much the
way computer viruses and worms were back in the '90s and early
But don't expect this threat to go quietly (or anytime
soon). Ransomware has been surprisingly resilient. The phishing
emails that propagate ransomware have become more sophisticated
with some variants that have been known to target backup systems.
Two trends that we expect to continue into 2017 include the use of
full disk encryption by ransomware to deny access to the entire
system and the use of ransomware as a method of monetizing hacking
First, ransomware that utilizes full disk encryption denies
access to both the files and the computer system it infects. This
becomes an added pressure point because the infection impacts other
aspects of the organization. For example, the San Francisco
Transportation Authority experienced this type of ransomware
firsthand when ransomware infected its ticketing system in
The second trend we expect to see in 2017 is the use of
ransomware to monetize hacking activities. Some organizations do
not take information security as seriously as they should, either
because of a lack of resources or because they do not see
themselves as a target due to the lack of valuable data, e.g.,
credit card information or financial data. These organizations
might have experienced a breach in the past but might not have been
aware because the attack did not affect their systems or
operations. Ransomware provides an easy way for attackers to profit
from their hacking activities. Small to medium-size businesses that
are not prepared will be hurt the most by this trend.
For a more in-depth look at other data breach trends, be on the
lookout for the 2017 BakerHostetler Data Security Incident Response
Report to be published in the near future. To be one of the first
to receive a copy, sign up here.
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
To print this article, all you need is to be registered on Mondaq.com.
Click to Login as an existing user or Register so you can print this article.
The New York Department of Financial Services (NYDFS) recently issued a revised proposed regulation seeking to add its own mandate of cybersecurity requirements to those already in existence for banks...
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).