Make wishtv.com your home page

FBI: Small businesses vulnerable to skyrocketing number of cyberattacks in Indiana

INDIANAPOLIS (WISH) — While big corporations may get the most attention for major cyberattacks, experts say it’s actually schools, police departments, nonprofits, local governments and other small businesses that are the most-exposed to ransomware, the most pertinent form of cyberterrorism.

“It’s the same fear factor that, you know, a kidnapping would be your kid is gone, you have to get the kid back,” said Aaron Pritz, co-founder of Reveal Risk, a business management consultancy in Carmel. “Desperation may come into play and that’s what the attacker is counting on.”

Pritz says says attackers can see small businesses as easier targets because they are the least likely to have protective barriers. He says the goal of the attacker is to get as much money possible out of a business often resulting in losing tens of thousands of dollars.

That was the price tag for Hancock Regional Hospital in Greenfield back in 2018.

“There were moments in the middle of the night on that Friday night where we sat there and said, ‘Are we going to get through this?’” said Hancock Health CEO Steve Long.

Long says the ransomware attacker locked Hancock Health’s entire computer system, giving them no other choice but to pay $55,000 to the attacker to restart the system.

Now, the hospital likes to educate others on the importance of protecting themselves and on how the hospital is more prepared for the rise of attack attempts they’ve received over the last few years.

“We blocked tens of thousands of malicious emails every day,” Long said. “I talked to our cyber folks. We are up about 40% over where we were back in 2017.” 

Just last week, the FBI compared the challenge of controlling the skyrocketing rise of ransomware attacks to 9/11. According to the FBI’s Internet Crime Report, there were 9,746 Indiana victims to cyberattacks in 2019. By 2020, the FBI reported 12,786 victims, a 31% increase.

While the FBI tells victims to never pay the ransom to discourage more attacks, Pritz of Reveal Risk says, most of the time it’s a very difficult decision for a business and often times the ransom is less than the money it would take a business to rebuild.

“Sometimes you’re chasing ghosts, and it’s not as easy as somebody that robs a bank. And, you know, you see the footage and you see their license plate and you can kind of follow the bread crumbs.”

Cybersecurity resources