Blog

As we say goodbye to 2023, we are looking back on the cybersecurity landscape this year and drawing lessons from the ransomware incidents that unfolded. Here’s a deep dive into the top 5 cyberattacks that made headlines, offering insights into the vulnerabilities exposed and the resilience required in an era of evolving threats.

5 Worst Cyberattacks of 2023

1. Las Vegas Casinos: MGM Resorts and Caesars Entertainment

In September, BlackCat’s ransomware attacks targeted two iconic names on the Las Vegas Strip—MGM Resorts and Caesars Entertainment. MGM faced a 36-hour outage, translating into substantial downtime costs. Caesars, targeted by the same affiliate, Scattered Spider, negotiated a $15 million ransom after an initial demand of $30 million. The attacks highlighted the urgency of bolstering defenses against social engineering and the critical need for swift, effective responses.

2. Wall Street Banking: ICBC

November witnessed a ransomware attack on China’s largest bank, ICBC, causing a $60 billion surge in failed trading rates in the US Treasury market. LockBit claimed responsibility, emphasizing the global impact of cyber incidents on financial markets. The incident underscores the importance of fortifying critical financial infrastructure against cyber threats, ensuring seamless operations and maintaining market stability.

3. City of Dallas: Royal Ransomware Group

A ransomware attack in May by the Royal ransomware group affected the City of Dallas, disrupting IT systems and compromising the sensitive data of over 26,000 individuals. The fallout, including identity theft cases, emphasizes the far-reaching consequences of such attacks. It serves as a stark reminder for municipalities to invest in robust cybersecurity measures, given the potential impact on public services and citizen trust.

4. Tampa General Hospital

Tampa General Hospital faced a class-action lawsuit following a cybersecurity incident that exposed the protected health information (PHI) of up to 1.2 million patients. While the hospital thwarted a ransomware attempt, the fallout emphasizes the need for healthcare institutions to fortify their defenses to safeguard patient data. Timely notification and robust cybersecurity practices are critical in preserving patient trust and compliance with data protection regulations.

5. St. Margaret’s Health

St. Margaret’s Health in Illinois announced the closure after a 2021 ransomware attack significantly impacted operations. Now we know this attack didn’t happen in 2023, but the fact that an attack from two years ago affected the company so much that they had to close is cause for alarm. The attack, coupled with other challenges, led to unprecedented expenses and operational disruptions, underscoring the long-term consequences of successful ransomware attacks. It serves as a cautionary tale for organizations to prioritize cybersecurity resilience, especially in critical sectors like healthcare.

How to Fortify Against Ransomware

Block Common Entry Points

• Develop a plan for patching vulnerabilities promptly.
• Disable or harden remote access points like RDP and VPNs.
• Use endpoint security software to detect and mitigate exploits.

Detect Intrusions

• Segment networks and allocate access rights prudently.
• Leverage EDR or MDR solutions to detect unusual activity before an attack occurs.

Stop Malicious Encryption

• Deploy Endpoint Detection and Response (EDR) software for robust ransomware detection.
• Utilize ransomware rollback mechanisms to restore damaged system files.

Create Offsite, Offline Backups

• Keep backups beyond the reach of attackers.
• Regularly test backups to ensure swift restoration of essential business functions.

As we embark on a new year, these lessons serve as a compass, guiding organizations toward fortified cybersecurity practices and resilience against evolving cyber threats. Immutable Backups with Performive Powered by Veeam is the best way to protect yoruself from ransomware threats. Want to learn more about how we can help protect your business? Fill out the form on our Contact Page.