Blog
← Back to Blog
December 20, 2019 cybersecurity

2019 Cybersecurity Year in Review: Ransomware Gets Personal

Year in review technology trends Year in review reflection

Four years of writing this blog, and 2019 might be the year that most fundamentally changed the threat landscape. Not because of one spectacular breach, but because of a systematic evolution in how attackers operate.

The Big Shifts

Ransomware Became a Data Breach

The Maze ransomware group pioneered "double extortion": steal the data, then encrypt it. If the victim has backups and refuses to pay, publish the stolen data. This changes everything. Backups no longer protect against all consequences of a ransomware attack. A ransomware incident is now automatically a data breach with notification obligations.

Supply Chain Attacks Scaled Up

22 Texas municipalities hit through one MSP. Dental practices across Wisconsin compromised through their IT provider. The supply chain, particularly managed service providers, became the most efficient attack vector. Why hack one business when you can hack their IT company and get hundreds?

Cities Became Regular Targets

Baltimore ($18 million in damages), Atlanta ($17 million), Riviera Beach ($600,000 ransom paid), Lake City ($460,000 paid). Municipal governments, with their outdated systems and limited IT budgets, became prime targets. The parallels to small healthcare practices are uncomfortable.

Capital One Showed Cloud Isn't Automatic Security

100 million records exposed through a misconfigured cloud firewall. The breach proved that moving to the cloud doesn't eliminate security responsibility. It shifts it. Cloud security requires expertise and ongoing management.

By the Numbers

  • $7.5 billion: Estimated cost of ransomware to US organizations in 2019
  • 966: US healthcare, education, and government organizations hit by ransomware
  • 100 million: Capital One records exposed
  • $600,000: Largest municipal ransom payment (Riviera Beach, FL)
  • 22: Texas municipalities hit simultaneously through one MSP

Looking Ahead to 2020

Windows 7 end of life on January 14th will create a massive population of unpatched systems. CCPA takes effect January 1st, beginning a new era of US privacy regulation. Ransomware will continue evolving toward data theft. Cloud migration will accelerate, and cloud security skills will lag behind adoption.

And there's always the possibility of a black swan event. Something nobody predicted that changes everything. We've had one every year since we started writing. 2020 won't be different.

Stay safe out there. See you in 2020.