Explore how ransomware attacks work, how they infiltrate networks, and what steps individuals and organizations can take to prevent, detect, and recover from ransomware incidents. Articles cover recent ransomware variants, encryption tactics, backup strategies, and incident response planning.
posts
Last year, a hospital administrator told me she ignored an alert about a credential stuffing attack because she didn't know what that phrase meant. Three days later, her organization was dealing with a ransomware incident that shut down patient scheduling for two weeks. The jargon gap in cybersecurity
During a breach investigation last year, I watched a CFO stare blankly at an incident response report and ask, "What's lateral movement? What does 'exfiltration' mean? Can someone just speak English?" That moment crystallized something I've known for two decades: the cybersecurity
In March 2025, the FBI's Internet Crime Complaint Center reported that phishing remained the number one reported cybercrime for the fifth consecutive year. That stat alone should tell you everything about where threat actors are focusing their energy. But raw numbers don't teach your employees what
In February 2024, Change Healthcare — a company that processes roughly one-third of all U.S. medical claims — was hit by the ALPHV/BlackCat ransomware group. The fallout was staggering: $872 million in direct costs reported by UnitedHealth Group in a single quarter, pharmacies unable to process prescriptions, and the personal
A Single Click That Cost a Hospital $22 Million In February 2024, Change Healthcare — the payment processing backbone for thousands of U.S. hospitals and pharmacies — was hit by the ALPHV/BlackCat ransomware group. UnitedHealth Group, its parent company, confirmed paying approximately $22 million in ransom. The attack disrupted prescription
The Attack That Cost a Hospital $67 Million In May 2024, Ascension Healthcare disclosed a ransomware attack that disrupted operations across 140 hospitals. Ambulances were diverted. Clinicians reverted to paper charts. The financial impact reportedly reached $1.8 billion in total losses for the fiscal year, with the cyber incident
In February 2024, Change Healthcare — the payment processor handling roughly one-third of all U.S. medical claims — was hit by the ALPHV/BlackCat ransomware group. The result: $872 million in direct costs reported by UnitedHealth Group, months of disrupted pharmacy operations, and the personal health data of over 100 million
In May 2024, Ticketmaster confirmed a breach that exposed the personal data of over 560 million customers. The attack vector? Stolen credentials used to access a third-party cloud database. It wasn't some exotic zero-day exploit. It was a login and password that fell into the wrong hands. If
In May 2023, the City of Dallas got hit with Royal ransomware. Police dispatch systems went down. Court services froze. Municipal operations ground to a halt for weeks. The city ultimately spent over $8.5 million on recovery. And here's the part that stings: Dallas had cybersecurity staff
The Breach That Nobody Reported for 72 Days In 2023, the SEC charged SolarWinds' CISO with fraud partly because the company allegedly downplayed the severity of a cyber incident and failed to disclose material risks. That case sent shockwaves through every boardroom in America. It proved something I'
