The company said it had intended to release the report on 1 January 2020, but brought it forward after a recent ransomware incident ended with the victim's data falling into the hands of the attacker.
There has been a recent trend for ransomware to be designed not only to encrypt files on a victim's system, but also to exfiltrate the data, and this is what led Emsisoft to state that this kind of behaviour had elevated the ransomware situation to a crisis.
The US organisations affected in 2019 included 103 federal, state and municipal government and agencies; 759 healthcare providers; and 86 universities, colleges and school districts. This led to operations at nearly 1224 individual schools being affected.
- "Emergency patients had to be redirected to other hospitals;
- "Medical records were inaccessible and, in some cases, permanently lost;
- "Surgical procedures were canceled, tests were postponed and admissions halted;
- "911 services were interrupted;
- "Dispatch centres had to rely on printed maps and paper logs to keep track of emergency responders in the field;
- "Police were locked out of background check systems and unable to access details about criminal histories or active warrants;
- "Surveillance systems went offline;
- "Badge scanners and building access systems ceased to work;
- "Jail doors could not be remotely opened; and
- "Schools could not access data about students’ medications or allergies."
Emsisoft chief technology officer Fabian Wosar said: “The fact that there were no confirmed ransomware-related deaths in 2019 is simply due to good luck, and that luck may not continue into 2020. Governments and the health and education sectors must do better.”
Other effects of the ransomware attacks were:
- Property transactions were halted;
- Utility bills could not be issued;
- Grants to non-profits were delayed by months;
- Websites went offline;
- Online payment portals were inaccessible;
- Email and phone systems stopped working;
- Driver’s licences could not be issued or renewed;
- Payments to vendors were delayed;
- Schools closed;
- Students’ grades were lost; and
- Tax payment deadlines had to be extended.
In its report, Emsisoft called for improved security standards and oversight, more guidance, closing the intelligence gap, better public-private sector co-operation and legislative restrictions on ransom payments, among other measures.
Said Wosar: “2020 need not be a repeat of 2019. Proper levels of investment in people, processes and IT would result in significantly fewer ransomware incidents and those incidents which did occur would be less severe, less disruptive and less costly.”