What Different Industries Need to Do to Defend Against Ransomware

By 2021, cybercrime activity is predicted to cause $6 trillion in damages – but it doesn’t affect each industry equally. Several recent articles have identified the industries most frequently hit by ransomware attacks, so if you work in one of these fields, it’s time to get vigilant.

Read on to find out if your industry has become a target!

Business and Professional Services

Forbes reports that 58% of victims hit with a cyber attack in 2018 were small businesses. Of those who were attacked, 60% never reopened for business after suspending operations – usually due to losing their backups.

Infected email attachments are the common attack vector at these types of companies, with half of all attacks on small businesses successfully penetrating the company.

Savvy attackers can make phishing emails and attachments look legitimate. Attacks through business email increased by 130% in 2019.

The 2019 Symantec Internet Security Threat Report (ISTR) found that bills/invoices and email delivery failure notices are the two most common ways malware disguises itself within these malicious emails.

What to do: In addition to protecting data system-wide, educate all employees on how to identify a suspicious email, and set policies for how emails should be handled – even on the employees’ own devices.

Local/Municipal Governments

Government agencies are frequent targets. In these environments, IT staffs are small, overworked, and under-resourced, so ransomware is more likely to slip by unnoticed.

Ransomware tends to hit smaller cities or towns, where technology is more vulnerable and less likely to have strong security or other failsafes protecting systems and backups. The added benefit for hackers? These municipalities can also be doorways to other levels of government and offer a higher chance of payouts.

The risks for municipalities include attacks that disable essential services like police and ambulance, which can pose a huge threat to public safety.

A recent notable case is Baltimore, which was attacked back in May and, as of July, is still recovering from the attack and suffering lost revenues. It is the fourth city to be added to the list of US cities that have been hit with a crippling attack. The attack is estimated to cost the city over $18 million.

What to do: Consult a managed service provider or vendor of data protection software to find the most affordable, least time-consuming way to stay safe. If you choose a turnkey product or service, set it to update automatically so you know you will always be covered.

Last but not least, make sure employees are trained on how to identify a suspicious email since the most common attack vector in this industry is phishing emails!


Education

Another top target for ransomware is education, with TechRepublic reporting that 13 percent of educational organizations were attacked in the past year.

The former Vice Provost for Information Technology at Pennsylvania State University stated that Penn State had an average of 20 million malware attacks per day. This is actually a typical number of attacks for a research university, which explains why ransomware and malware attacks have become the number one issue universities are currently facing.

Attacks pose a threat to both the safety of students and the research that the university is conducting.

What to do: With 1/3 of students opening a malware email, it is critical that both students and educators be educated on how to identify a suspicious email.

A small investment in a cybersecurity consultation and training for staff and students will help identify breaches waiting to happen.

As file sharing is rife on campuses, consider implementing policies on peer-to-peer file sharing and/or systems to address it.

Health Care

Ransomware in health care and hospitals doesn’t just cost money, it can cost lives. Out of all industries, health care was hit the hardest in 2018.

During a ransomware attack, the situation at health care providers can go quickly from simply lacking data on a patient to a more critical threat of power outages stopping urgent treatments and surgeries.

Doctors work very closely with technology to improve patient outcomes; however, when these technologies suddenly go down, lives are put at risk.

Ponemon says that each breach costs large health care organizations an average of $3.7 million, although an Accenture report says that the figure could be as high as $113 million.

From India to the UK to Canada to the United States, hospitals are being shut down in the blink of an eye, with only short windows to pay the ransom. Access to patient data is a matter of life and death, so paying the ransom often seems like the only choice – but it also puts the organization at risk of ongoing attacks, since it becomes known as an organization that pays.

On the other side of health care, health research is often considered more valuable than financial data, with large investments being made into ground-breaking research, making it a prime target for these attacks.

What to do: Under HIPAA in Canada, hospitals and health care systems must have “retrievable exact copies of electronically protected health information” at all times. Without proper protection, the majority of health care data is open to attack, which would be in direct violation of HIPAA privacy regulations!

Rather than pay a ransom, the best defence is a good offence. Even if you do pay the ransom, there is no guarantee your data won’t be fatally corrupted or that all the data will ever be returned.

When data is as critical as this, don’t skimp on security. Educating staff on suspicious emails and investing in software that ensures you always have a safe backup to recover from are your best bets against ransomware.


Financial Services

Ransomware has become one of the top concerns for financial institutions. IBM named financial services as one of the industries worst hit by ransomware last year, with billions of security events found.

In fact, there has been a 15.9% increase in attacks on financial institutions in the past 2 years.

Why are they a major target? For starters, data is the lifeblood of banking and finance, and then, of course, there’s the fact that these institutions have what cybercriminals want most: money.

What to do: Remember that the cost of downtime can be ten to twenty times higher than the dollar amount of the ransom demanded.

Spare no expense ensuring the safety of your sensitive data – whether it’s the personal financial data of clients or data that would be valuable to your competitors – and make sure you can recover quickly and seamlessly from an attack.

In Conclusion

Regardless of which industry you’re in, all organizations need to take practical steps to ensure they can prevent and recover from attacks. If you have important or confidential data, you may be a target.

At a minimum, ensure that business-critical information is stored and backed up safely, make sure data is encrypted, and keep backups stored offline, at another site, or on another network.
