Malware

Ransomware Attacks 2020

With the spike of ransomware attacks reported in 2019, what is to be expected in 2020? Many experts say this is only the beginning…

January

  • City of Ingleside – Texas – Ransom demands have not been disclosed and city officials have not confirmed if ransom payments were made.
  • Contra Costa County Library – California – Officials have not confirmed the ransom demands, or if they were paid in an effort to expedite the system restoration process.
  • Enloe Medical Center – California – Officials have not confirmed the ransom demands, or if they were paid in an effort to expedite the system restoration process.
  • Temple Har Shalom – Hackers demanded $500,000 in ransom demands. Temple officials reported they will not pay the ransom demands.
  • Ernest N. Morial Convention Center – Louisiana – Officials for the convention center would not comment on the ransom demands or if they were paid.
  • Town of Colonie – New York – Ransom demands have not been disclosed and city officials have not confirmed if ransom payments were made.
  • Public Relations Commission – New Mexico – Officials have not confirmed the ransom demands, or if they were paid in an effort to expedite the system restoration process.
  • Tampa Bay Times – Florida – Representatives reported not paying the ransom demands but did not disclose what those demands were.
  • MDLabs – New Jersey – Ransom demands were $1.7 million, and the facility opted not to pay.
  • Lakeland Community College – Ohio – Officials did not report what the ransom demands were, or if they were paid.
  • Electronic Welfare Associates – West Virginia – Officials did not report what the ransom demands were, or if they were paid.
  • Mountain View Los Altos Union High School – California – Officials did not report the ransom demands, but did state they have negotiators available through their cyber security insurance policy to negotiate the ransom payment if they choose to go that route.
  • City of Racine – Wisconsin – Officials have not disclosed what the ransom demands were, or any intentions of paying them.
  • ITI Technical College – Louisiana – Officials did not report the ransom demands; however, they did state they will not pay them.
  • City of Oshkosh – Wisconsin – Officials have not disclosed what the ransom demands were, or any intentions of paying them.
  • Brandywine Urology – Delaware – Officials have not disclosed what the ransom demands were, or any intentions of paying them.

February

  • Rockdale County – Georgia – Officials have not disclosed what the ransom demands were, or any intentions of paying them.
  • Allegheny Intermediate Unit – Pennsylvania – Officials have not disclosed what the ransom demands were, or any intentions of paying them.
  • Havre Public Schools – Montana – The ransom demands were in the “hundreds of millions”; however, the intent to pay has yet to be disclosed.
  • Miami Beach Police Department – Florida – They didn’t confirm the exact amount of the ransom demand, but did state it was “millions”. Officials did not confirm if any form payment was made.
  • Niagara University – New York – Ransom demands were not disclosed, nor was the intention to pay.
  • City of Wayne – Nebraska – Ransom demands were not disclosed, nor was the intention to pay.
  • Gadsden School District – New Mexico – Officials stated they have no intention to pay the ransom demands.
  • Grayson County – Texas – Ransom demands were not disclosed, nor was the intention to pay.
  • La Salle County – Texas – Officials stated they have no intention to pay the ransom demands.
  • Jordan Health – New York – Ransom demands were not disclosed, nor was the intention to pay.
  • Spartanburg District One Schools – South Carolina – Ransom demands were not disclosed, nor was the intention to pay.

March

  • City of Durham – North Carolina – Officials are not reporting the ransom amount, or if they intend to pay in an effort to restore their networks.
  • County of Durham – North Carolina – Officials are not reporting the ransom amount, or if they intend to pay in an effort to restore their networks.
  • Champaign-Urbana Public Health District – Illinois – Officials are not reporting the ransom amount, or if they intend to pay in an effort to restore their networks.
  • Bluffton Fire and Rescue – South Carolina – Officials are not reporting the ransom amount, or if they intend to pay in an effort to restore their networks.
  • Town of Jupiter – Florida – Officials are not reporting the ransom amount, or if they intend to pay in an effort to restore their networks.
  • City of Torrance – California – Officials have not disclosed what the ransom demands were, or any intentions of paying them.
  • Woodlawn Dental Center – Ohio – Officials did not report the ransom demands; however, they did confirm they restored their networks using backup hard drives.
  • Mat-Su Surgical Associates – Alaska – Official would not release a statement regarding the ransomware attack; although, they did confirm the ransomware attack resulted in a breach of patient data.
  • Metropolitan Community College – Missouri – Officials did not report how much the ransom demands were, or if they were paid. However, it was confirmed hackers did have access to the school’s networks from March to June.

April

  • Coffee County Jail – Tennessee – Officials are not reporting the ransom amount, or if they intend to pay in an effort to restore their networks.
  • Orleans Parish Assessor’s Office – Louisiana – Officials have not disclosed what the ransom demands were, or any intentions of paying them.
  • Parkview Medical Center – Colorado – Officials have not disclosed what the ransom demands were, or any intentions of paying them.
  • Lawrence County 911 Center – Tennessee – Officials have not disclosed what the ransom demands were, or any intentions of paying them.
  • Magellan Health – Arizona – Officials are not disclosing the ransom demand, or if it was paid in an attempt to regain access to their systems. Approximately 30 days after the attack, it was found personal information was compromised as a result.
  • Rangely District Hospital – Colorado – Officials have not disclosed what the ransom demands were, or any intentions of paying them.
  • Florida Orthopaedic Institute – Florida – Officials have not disclosed what the ransom demands were, or any intentions of paying them.

May

  • Moorestown Visiting Nurse Association – Officials have not disclosed what the ransom demands were, or any intentions of paying them.
  • Texas Supreme Court – Texas – Officials reported they have no intention to pay the ransom demands; however, they did not disclose how much those demands were.
  • Texas Department of Transportation – Officials have not disclosed what the ransom demands were, or any intentions of paying them.
  • Michigan State University – Michigan – Officials have yet to release a comment regarding the ransomware attack.
  • City of Columbus – Georgia – Official did not report the ransom demands but did state they hope to recover files using backup systems.
  • County of Rio Arriba – New Mexico – Officials are not reporting whether or not the ransom demands will be met, in an effort to restore the County’s networks.
  • Francis Parker School – California – Officials did not report the ransom demands or if they planned to pay them.
  • Rhode Island College Foundation – Rhode Island – Officials did not report the ransom demands or if they planned to pay them.
  • Providence Children’s Museum – Rhode Island – Officials did not report the ransom demands or if they planned to pay them.

June

  • The University of California, San Francisco – California – UCSF confirmed paying $1.14M to the hackers to restore their files.
  • Columbia College – Illinois – Very few details of the ransomware attack are being released, as it is an active investigation. The ransomware variant has been confirmed as NetWalker.
  • City of Florence – Alabama – Officials have confirmed they will pay the ransom demands of $300,000 in an attempt to regain access to their networks and keep any personal information off the dark web.
  • City of Knoxville – Tennessee – Officials are not disclosing the ransom demands, or if they were paid.
  • Tallapoosa County – Alabama – Officials are not disclosing the ransom demands, or if they were paid.
  • City of Keizer – Oregon – Officials confirmed paying the ransom demands of $48,000 to the hackers in an attempt to restore their files.

July

  • Cooke County – Texas – Officials are not confirming details regarding the ransom demands or if they will be paid in an effort to restore the County’s networks.
  • Chilton County – Alabama – Officials are not confirming details regarding the ransom demands or if they will be paid in an effort to restore the County’s networks.
  • Erie Community College – New York – Officials did not report the ransom demands or any intentions to pay.
  • Athens ISD – Officials confirmed paying the ransom demands of $50,000 in an effort to restore their networks.
  • Samaritan Medical Center – New York – Officials did not disclose the ransom demands or if they planned to pay.
  • City of Lafayette – Colorado – Officials confirmed paying a ransom demand of $45,000 in an effort to restore their networks.
  • Somerset Berkley Regional High School – Massachusetts – Officials did not disclose the ransom demands or if they planned to pay.

August

  • Ponca City Public Schools – Oklahoma – Students were notified a cyber attack had taken place and the first day of school would be adjusted. No ransom demands or intentions to pay have been disclosed.
  • Imperial Valley College – California – Officials have not disclosed the ransom demands or any intentions to pay.
  • University of New Mexico School of Law – New Mexico – Officials have not disclosed the ransom demands or any intentions to pay.
  • University of Utah – Utah – Officials paid $457,059 in ransom demands to avoid student data from being sold on the dark web.
  • Haywood County Schools – North Carolina – Officials have not disclosed the ransom demands or any intentions to pay.
  • Gosnell Schools – Arkansas – Officials have not disclosed the ransom demands or any intentions to pay.
  • Selma School District – California – Officials have not disclosed the ransom demands or any intentions to pay.

September

  • Hartford Public Schools – Connecticut – Officials did not disclose the ransom demands or if they planned to pay.
  • Fairfax County Schools – Virginia – Officials did not disclose the ransom demands or if they planned to pay.
  • Great Falls Public Schools – Montana – Officials did not disclose the ransom demands or if they planned to pay.
  • Newhall School District – California – Officials did not disclose the ransom demands or if they planned to pay.
  • Jekyll Island Authority – Georgia – Officials did not disclose the ransom demands or if they planned to pay.
  • US Fertility – Ransom demands were not disclosed, nor were the intentions to pay them.

October

  • City of Mt. Pleasant – Michigan – Officials are not reporting the ransom demands or if they were met in an effort to expedite the remediation efforts.
  • City of Shafter – California – Officials are not reporting if they will be paying any ransom demands, or what those demands are.
  • Hall County – Georgia – Officials have not confirmed the ransom amount, or if it will be paying in an effort to restore the networks. The County is using paper backups for voting purposes at this time.
  • St. Lawrence Medical – New York – Officials are not reporting if they will be paying any ransom demands, or what those demands are.
  • Sky Lakes Medical Center – Oregon – Officials are not reporting if they will be paying any ransom demands, or what those demands are.
  • University of Vermont Health Networks – Vermont – Officials are not reporting what the ransom demands are, or if they intend to pay. The ransomware variant was disclosed as Ryuk, and the National Guard has been called in for remediation assistance.

November

  • Columbus County – North Carolina – Officials are not reporting what the ransom demands are, or any intentions of paying in an effort to remediate. It should be noted, the ransomware infection originated through one of the county’s vendors, Managed.com
  • Jackson County – Oregon – Officials are not reporting what the ransom demands are, or any intentions to pay them in an effort to restore the networks. It should be noted, the ransomware infection originated through one of the county’s vendors, Managed.com
  • Baltimore County Public Schools – Maryland – Details of the attack are limited. It is unclear what the ransom demands are, or if they’ll be paid.
  • Delaware County – Pennsylvania – County officials approved a payment of $500,000 after being infected with ransomware.
  • Huntsville Public Schools – Alabama – School officials are not reporting what the ransom demands are, or if they will be paid. School is currently closed as a result of the cyber threat.

December

  • Baltimore Medical Center – Maryland – There is no official word on the amount of the ransom demand or if there’s an intention to pay.
  • City of Texarkana – Texas/Arkansas – No ransom information is available. The city has not disclosed any information on if they intend to pay the ransom.
  • City of Independence – Missouri – Ransom amounts haven’t been disclosed, and the city has made no mention of it they will pay.
  • Weslaco Independent School District – Texas – Officials are not disclosing the ransom demands or if they will be paid in an effort to remediate the networks. 

We have also created a heatmap, see below, of the ransomware attacks that have taken place in the U.S. Click the map for full details.

Stay tuned as PC Matic continues to track publicly disclosed ransomware attacks throughout the year.

 2,514 total views,  1 views today

(Visited 1 times, 1 visits today)

Leave a Comment

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.