Ransomware could happen to you
Industry Views

Ransomware is Everyone’s Problem

By Steven J.J. Weisman, Esq.
Bentley University, Boston
Professor of Law
Scamicide.com, Founder
TALKERS, Legal Editor

The recent ransomware attack against radio group and media company Townsquare Media may have come as a surprise to some people. It shouldn’t have. Ransomware is a huge problem and media companies are increasingly being targeted by cybercriminals.

As you undoubtedly know, ransomware is a type of malware that, once installed on your company’s computers, locks and encrypts your files. The cybercriminals who use ransomware to attack your company then threaten to destroy your files unless you pay a ransom, generally in cryptocurrencies. More recently, the threat has evolved: the cybercriminals also threaten to make public embarrassing information gathered in the hacking of your computers.

Just how big a problem is ransomware? Worldwide, 37,700 ransomware attacks occur every hour. Part of the reason there are so many ransomware attacks is that they are perpetrated not only by sophisticated cybercriminals who develop the new strains of ransomware, but also by far less sophisticated criminals who go to the Dark Web, that portion of the internet where criminals buy and sell goods and services, and lease the latest versions of ransomware along with bots to serve as delivery systems for the ransomware. According to cybersecurity firm Emsisoft, in 2021, the financial impact of ransomware attacks in the United States was 623.7 million dollars. Also, don’t think that because your company is a small to medium-sized business it won’t be targeted by ransomware attacks. Due to the easy availability of the sophisticated malware and delivery systems required for a ransomware attack, small and medium-sized businesses are frequent targets of ransomware attacks.

Media companies are a common target for ransomware attacks, with devastating consequences. In 2017, San Francisco NPR station KQED was hit with a damaging ransomware attack. In 2019, Entercom suffered a major ransomware attack. In 2021, Cox Media, which owns 57 radio and television stations, fell victim to a ransomware attack. Also in 2021, Sinclair Broadcast Group, which owns 185 television stations throughout the country, suffered a ransomware attack which cost the company 63 million dollars in lost advertising revenue and 11 million dollars in expenses related to remedying the attack. And these are just a few of the many ransomware attacks against media companies big and small.

 


Ransomware attacks against media companies are also done by political hacktivists, such as in Russia following the invasion of Ukraine, where pro-Ukrainian hackers took over and broadcast anti-Russian messages over the Russian television airwaves. A similar attack here in the United States, particularly in today’s political environment, presents a very real threat.

Ransomware attacks most commonly begin with phishing or more specifically targeted spear phishing emails to employees of the targeted company, in which the employee is lured into clicking on an infected link or downloading an infected attachment under some seemingly valid pretense. Even if your company is using the most up-to-date security software and installing security updates and patches as soon as they are made available, you are still vulnerable to a ransomware attack formulated to take advantage of zero-day defects, which are vulnerabilities in your software not previously discovered that can be exploited by the cybercriminal because there is not yet a defense to them. It generally takes at least a month from the discovery of malware based on such a zero-day defect for security software companies to develop defenses, which are sent to you as a security update. Even then, too many companies inexcusably delay installing such updates, leaving them vulnerable to attack. The major data breach at Equifax, which resulted in the compromise of personal information of 147 million people (including myself), was caused by Equifax failing to download a security update for its Apache software made available to Equifax months before the hacking that exploited the vulnerability patched by the update.

It is also important to remember that protecting your company from a ransomware attack is not only important to the responsible management of your business, it is also necessary to avoid legal liability for failing to do so.  The Federal Trade Commission has taken action numerous times against companies that failed to protect the security of their data, deeming the failure to do so an unfair and/or deceptive business practice in violation of section 5 of the FTC Act.

Additionally, boards of directors have a fiduciary duty to act in the best interests of the company and its stockholders.  Failing to take proper actions to protect the company from ransomware attacks could leave them open to shareholder class actions.

So what should you be doing?

Here are a few steps that everyone should be taking to protect themselves.

  1. All employees should use strong, unique passwords for their computer access. Too often people use the same password for all of their accounts, which puts important accounts in jeopardy if that password is compromised in a data breach at another account.
  1. All employees should use multi-factor authentication to supplement the security of passwords.
  1. Train employees regularly to recognize and avoid spear phishing emails. In particular, employees should be trained never to click on a link or download an attachment unless they have absolutely confirmed that the communication is legitimate.
  1. Use good security software and install security updates as soon as they are made available.
  1. Consider using whitelisting software, which prevents any program from being downloaded unless it has specifically been approved.
  1. Configure your firewalls to protect against known ransomware.
  1. Back up all of your data regularly, both in the cloud and offline.
  1. Use email filters to protect against phishing emails. They are by no means close to 100% effective, but they can be helpful.
  1. Restrict your employees from accessing files and folders they have no need to access.
  1. Encrypt your data.

Ransomware is a very real threat, but it is one that, with proper precautions, can be greatly minimized.

Steven J.J. Weisman, Esq. is a professor of law at Bentley University in Boston as well as the founder of Scamicide.com and the legal editor of TALKERS. He can be contacted by phone at 781-891-2771 or emailed at stevenjjweisman@aol.com.