‘Urgent and aggressive’ action required as ransomware crisis deepens

Regular readers of this blog will have seen us lament the growing number of ransomware attacks in the past year.

Our Q1 2021 review of data breaches found that almost one in three publicly disclosed security incidents was a ransomware attack, and in April alone, we discovered 53 cases.

And that’s just the tip of the iceberg; there are plenty of organisations that fall victim and don’t disclose the damage. They might hide behind the vague language of ‘IT disruption’ or quietly pay off the attackers in the hope that the crooks keep their word and provide the decryption key.

But even if their systems are restored, organisations must also take their chances on the criminals not leaking the data – something that is becoming increasingly hard to rely on.

Indeed, most organisations that pay up soon realise that it hasn’t done them any good. A data breach has already occurred (i.e. the information has fallen into the wrong hands) and it must therefore be reported.

Meanwhile, the only potential silver lining – avoiding the embarrassment of the information being made public – hasn’t materialised. The data is leaked anyway, and they’ve just thrown thousands of pounds after a lost cause.

So where does that leave us? Cyber criminals will continue to launch attacks whether organisations play ball or not, because it only takes one or two who are willing to throw money at the problem for it to be worth the attackers’ time.

The issue has become so desperate that some of the world’s biggest companies have rallied around the RTF (Ransomware Task Force) in an effort to tackle the threat.

Looking for more guidance on ransomware? Alan Calder’s latest book, The Ransomware Threat Landscape, contains everything you need to know.

This book provides a simple explanation of ransomware and how it works, helping business leaders better understand the strategic risks and the measures they can implement to stay safe.

The author, Alan Calder, is IT Governance’s founder and executive chairman. He is an acknowledged international cyber security guru and a leading author on information security and IT governance issues.

Could law enforcement help tackle the threat?

One of the biggest contributing factors towards the rise in ransomware is that organisations have largely been left to tackle the threat alone. Law enforcement bodies advise victims not to pay up, but it’s not always clear what they should do instead.

But that may soon change, with Microsoft, Amazon, the FBI and the UK’s National Crime Agency joining the RTF (Ransomware Task Force) in giving governments recommendations to mitigate the threat of attacks.

In an 81-page report, the group calls for “aggressive and urgent action” against ransomware. They add that “more than just money is at stake [as] ransomware has become a serious national security threat and public health and safety concern”.

The RTF co-chair Jen Ellis said: “Citizens are being impacted by this every day. It’s having a huge impact on the economy and the ability for ordinary people to access critical services.

“Not only that but, really distressingly, the funds that come in from paid ransoms fund other forms of organised crime, like human trafficking and child exploitation.”

According to cyber security company Emsisoft, ransomware attacks cost organisations at least $42 billion (£30 billion) in business interruption and ransom payments last year – although it says the true cost may be as high as £122 billion.

“The costs of ransomware go far beyond the ransom payments themselves,” the task force report observes.

“Cybercrime is typically seen as a white-collar crime, but while ransomware is profit-driven and ‘non-violent’ in the traditional sense, that has not stopped ransomware attackers from routinely imperiling lives.”

The RTF recommends that governments make it mandatory for victims to report if they pay criminals. It also proposes that they:

  • Designate ransomware attacks as a national security threat;
  • Create a response and recovery fund to support ransomware victims and help them recover;
  • Increase regulation of cryptocurrency services; and
  • Exert pressure on nations that are complicit in, or refuse to take action against, domestic ransomware groups.

Protect your organisation with our training course

If implemented, these steps will go a long way to curbing the threat of ransomware, but organisations must still do their part to stay safe – and one of the biggest issues is staff training.

That’s why you should consider enrolling your employees on our Ransomware Staff Awareness E-learning Course.

By taking this course, you will educate your team on the threat of ransomware and the steps they must take to protect their organisation.

One of the most prominent threats is phishing emails, which cyber criminals often use to deliver ransomware – and it’s why we dedicate a section of our staff awareness course to the threat that phishing poses and the ways you can spot a scam.

The course also contains:

  • Examples of ransomware attacks and their implications;
  • The main forms a ransomware attack can take and how they can be identified;
  • An explanation of anti-malware software, demonstrating how it fits within your organisation’s policies and procedures; and
  • How to respond if you fall victim.