Artech Information Systems ransomware attack proves that we’ve hit a crisis point

Artech Information Systems, one of the largest IT staffing organizations in the U.S., recently disclosed a ransomware attack that occurred earlier this year.

The incident, which affected individuals’ personal, health, and financial information, is the latest in a long line of ransomware attacks – and is allegedly the second time that Artech has been targeted in recent months.

If true, it’s one of the highest-profile cases of something that experts have been warning about for years: If you fall victim once, you are likely to be targeted again.

This is alarming news for the more than 180 organizations that have confirmed ransomware attacks so far this year. The repercussions of an attack can linger for months – as the British foreign exchange firm Travelex learned to its cost in August.

The organization came under attack on New Year’s Eve 2019, and spent several weeks battling to remain operational. However, between these damages and the COVID-19 pandemic, it was forced into administration just over eight months later.

A dynamic threat

The spike in ransomware attacks is the result of several factors. For years, the malware was a relatively rudimentary screen-locker that targeted individuals and requested bitcoin payments.

The plummeting value of cryptocurrency coincided with a downturn in these attacks, forcing cyber criminals to change tactics.

At the start of last year, experts noticed a trend of attacks against enterprise networks – with local governments, schools, and health care firms being particularly lucrative targets.

The pandemic has made ransomware even more damaging, because so many organizations now rely on digital technology for everyday tasks.

Another factor is people’s willingness to pay up when they’re attacked. Senior decision makers are increasingly falling into the trap of believing that the ransom demand seems reasonable in comparison to the costs of restoring their systems from backups.

However, this ignores the risks. For example, the criminal might not keep their word and hand over the decryption key, or they might use your payment as an invitation to target you again in the future.

Then there is the possibility that the money will be used to launch other attacks, helping the cyber crime industry thrive.

Unfortunately, until organizations realize the long-term damage caused by paying ransom demands, things are only going to get worse.

Sign up for our weekly round-up to receive news on cybersecurity and cyber crime!