The Steamship Authority ferry service on Cape Cod was a recent victim of a ransomware attack, causing disruption to its website and ticketing process. Similar attacks have occurred at Colonial Pipeline and JBS’s beef plants forcing temporary shutdowns at both companies.

Associate Professor Robert Duhainy head shotWe asked Associate Professor Robert Duhainy, a cybersecurity expert, to help us better understand what ransomware attacks are.

What is a Ransomware Attack?

Ransomware is an operation mode used by cyber criminals to withhold relevant data from the computers of users and organizations until they pay a ransom. A ransomware attack on organization’s servers can leave data encrypted and inaccessible.

Why do Ransomware Attacks Seem to be on the Rise and why are They Harmful to Organizations?

This type of cyber crime can be done with relative ease and anonymity by cyber criminals while causing costly economic harm to organizations. Understanding the harm of ransomware contributes to waking organizations up to how they should protect their data and communicate on the issue with their employers to better detect and prevent such economic crimes that may impact business continuity.

Ransomware attack breaches can happen as a form of human error as a result of honest mistakes and accidents. Factors that can motivate attackers to target an organization's data is that for quick cash, attackers would block access to information or threaten to leak sensitive information. Infecting networks with ransomware is proving to be highly lucrative for cyber criminals, with figures in research suggesting the average ransom amount paid per attack is $1.1 million.

What are Some of the More Common Targets of Ransomware Attacks?

There are hundreds of industries that can be targeted by malware menaces. For example, the famous WannaCry ransomware that took the world by storm in 2017 capitalized on vulnerabilities in Windows operating systems and impacted hospitals, banks, telecommunication companies, and warehouses in Russia, China, the United Kingdom, and the United States. Given the trend of malware evolution, there are no signs of slow down and technology users must resort to more creative and advanced strategies to combat this menace.

Education can be another target. In Louisiana, a state of emergency was declared last year after three public school districts fell victim to ransomware, affecting 10 percent of Louisiana’s 5,000 network servers and more than 1,500 computers. The Ryuk ransomware struck the New York school district were the district's insurance company negotiated the ransom demand down to $88,000 from $176,000.

Should People be More Concerned About Ransomware Attacks?

People must understand their threats-threat intelligence is an important service that both information security professionals and everyday users should leverage for better protection and defense.

For example, the Cybersecurity and Infrastructure Security Agency (CISA), part of the Department of Homeland Security, provides free and current activity and alerts as well as a weekly vulnerability summary.

Artificial intelligence applications have been found efficient in the prevention of cyber crimes. Artificial intelligence is a general term that implies the use of a computer to model intelligent behavior with minimal human intervention. Artificial intelligence is helping humanity in addressing the issues of cyber security because of its intelligent nature and flexibility. Artificial intelligent techniques and applications such as heuristics, data mining, neural networks, and artificial immune system have proven to be efficient in the prevention and mitigation of cyber crimes.