Another day, another headline. Ransomware attacks are becoming way too close for comfort. A terrifying thought for many businesses, especially small to medium-sized businesses (SMBs) that may lack the time, resources, and/or expertise to prevent and combat cybersecurity attacks in the first place.
Ransomware is a particularly vicious (and common) type of cyberattack that essentially holds a company's mission-critical data, files, access, etc. hostage (i.e., denies access to them) until the company agrees to pay a particular amount of money. And because data is business, some companies have little recourse but to pay the ransom.
In the United States, ransomware attacks increased by a whopping 80% between the years 2021 and 2022.
But not small businesses, right? And not in Arkansas, right?
Unfortunately, small businesses may be even more prone to ransomware attack. According to the Ransomware Taskforce, small businesses fell victim to 70% of all ransomware attacks in 2021.
And Natural State companies aren't immune. Ransomware cyberattacks sometimes happen right next door.
On December 5, 2022, the 21,200-student Little Rock School District fell victim to a ransomware attack resulting in a $250,000 payment to hackers. The LRSD school board voted 6-3 in favor of paying the attackers – and the ordeal caused quite a stir in the community.
“This is a horrible, horrible, horrible situation, and there aren’t any good options,” said LRSD Superintendent Jermall Wright about the ransomware attack during one board meeting.
Altogether, the cyberattack may have cost the district upwards of $700K.
Dozens of county offices across the state went offline in 2022 when Apprentice Information Systems of Rogers was targeted for a ransomware attack. The attack focused directly on AIS assets providing server capacity and software solutions to multiple county-level offices. The disruption was felt hard by some AIS clients.
“We’re doing it like the old days right now," said Judge Ben Cross of Pope County, one of the impacted counties. "Our local systems are intact, but what it has done is make us resort to doing things like physically issuing checks.”
Judge Cross went on to say the cyberattack appeared to originate out of Russia.
A ransomware attack on a Fayetteville, Arkansas medical clinic exposed the records of roughly 128,000 patients to a possible security breach. Patient names, addresses, and social security numbers were all potentially compromised during the attack, and attackers even gained access to patient x-rays and other business-critical files.
"The cyberattack is still under investigation," reported Healthcare IT News, "but Arkansas Oral Facial Surgery Center officials said they believe the attack was purely meant for extortion purposes."
Ransomware attackers are usually more interested in the money than the data. The data, which they may threaten to unleash to the dark web, is simply leverage in negotiating a higher price and ultimately forcing payment.
The Heritage Company was forced to layoff 300 employees during the 2019 Christmas season because of a ransomware attack and the resulting loss of hundreds of thousands of dollars.
CEO Sandra Franecke wrote a letter to stunned employees:
"...approximately two months ago our Heritage servers were attacked by malicious software that basically 'held us hostage for ransom' and we were forced to pay the crooks to get the 'key' just to get our systems back up and running. Since then, IT has been doing everything they can to bring all our systems back up, but they still have quite a long way to go. Also, since then, I have been doing my utmost best to keep our doors open, even going as far as paying your wages from my own money to keep us going until we could recoup what we lost due to the cyber attack."
In January of 2022, Central Baptist College (CBC) of Conway underwent an audacious ransomware incident. The attack resulted in a complete takeover of the college's 230 desktop computers, prompting an initial $3 million ransom demand. "Not only did my computer shut down," recalled CBC president Terry Kimbrow, "but I quickly learned that all 230 desktop computers on campus had rebooted and this message was on the screens: 'You now have a new Admin'."
An ominous message.
No ransom was paid, and CBC was able to restore its systems. However, that attackers kept CBC hostage for roughly five weeks. The college was forced to shut down its servers during the multi-week attack, blocking the college from serving students, staff, and faculty with crucial systems like Wi-Fi, admissions, financial aid, and security cameras.
Taken together, what's the moral of the story, that is, stories?
But what to do about it?
Business has gone digital, which means server access, file/data accessibility, and other online activities are now fundamental to doing business.
As we say here at TekTrendz, your data is your business.
A ransomware attack isn't only expensive in terms of the IT response and perhaps even an expensive ransom payment, but such cyberattacks can grind business to a standstill. Possibly for weeks. The security breaches can also expose sensitive customer data to malicious actors, which could create legal woes and a public relations disaster.
The good news: Arkansas companies can fight back.
If you have questions about the security or vulnerability of your information systems, TekTrendz offers a free consultation – no strings attached – to businesses in Rogers, Bentonville, Springdale, Fayetteville, and anywhere else in Northwest Arkansas.
You're not in the fight alone. We specialize in all forms of cyberattack...so you can specialize in growing your business.