David Papp Blog

Ransomware is on the Rise as Bigger Targets Fall

As the years have gone by cybercriminals are getting more brazen and sophisticated with their attacks. They’ve been able to hack systems at school districts, major universities, police departments, and even hospitals.

It gotten so bad that finally the US government is stepping up its approach to fighting these attacks and cyber crimes. Early this month, there was an international counter-ransomware event, where representatives from over 30 countries including US, UK, Canada and Japan joining a virtual gathering.

The group pledged to share information and work together to track down and prosecute cybercriminals behind the many attacks, recognizing governments need to take urgent action in this issue and reduce the risk of ransomware.

Ransomware is Still Continuing Strong

But even with this development occurring, ransomware attacks are still not letting up. We can see this through the Sinclair Broadcast Group getting attacked mid-October. Data was also stolen from the TV station operator though it’s unclear what information was taken in that regard.

Earlier this year we also saw major oil pipelines and meat processors getting hit by cybercriminals demanding millions of dollars. In the attacks on Colonial Pipeline and JBS USA Holdings, those headlines were up for weeks.

Those attacks from that long ago marked a rise in ambitions of these criminals and caught the eye of cybersecurity experts and government officials back then. The acts made it clear how much of a threat these attacks really are.

The Attacks Cost Way More than You Think

Looking at costs, the Department of the Treasury issued a report stating that banks and other financial institutions lost $590 million in first six months of this year from ransomware payments. That surpassed the $416 million in suspicious payments reported for all of 2020.

For Colonial Pipeline and JBS, they paid millions in ransom during the six-month period. The FBI did manage to recover $2.3 million of the $4.4 million Colonial paid but it’s hard to track since the payments are all done through bitcoin, being a cryptocurrency it is hard to track.

It’s costly for the businesses but also for people too. In the case of those attacks, prices for gasoline and meat spiked due to losing control of their supplies.

Why the public is starting to become more aware of these attacks is that ransomware used to be more contained. They didn’t grab headlines because the attacks were smaller and were separated.

Cybercriminals also weren’t as talented as they are these days. Many criminals start with buying the malware online and just sent it out to whomever they wished to attack, not bothering to research the business.

All in all, the companies would just pay the ransom, keep things quiet and move on.

That all changed a few years ago as malware became more sophisticated. Cybercriminals over those few years began hacking into financial records to see precisely how much money the company could afford to pay. As the hackers learned that companies could afford way more, they started to charge more.

All of this brings rise to additional costs that companies never had to deal with. After a company gets hit, businesses will have to bring in experts to rebuild security systems. Businesses will also need to upgrade its cybersecurity defenses as well which is another cost to cover.

With that in mind, small businesses and individuals should be looking into best practices to lessen odds of getting attacked or having to deal with the costs of dealing with these attacks. These measures don’t require a huge investment either. Things like protecting passwords and usernames, updating them regularly with strong passwords and using two-factor authentication goes a long way. I can’t stress enough how important it is to implement multi-factor / two-factor authentication anywhere you can.

Government Efforts Help Too

The government helping in this matter is also a huge relief too. Looking at the Colonial Pipeline incident, the recovery of those millions of dollars is a result of the government getting involved.

What’s also helped is an introduced USA Senate bill requiring critical infrastructure for owners and operators to report cyberattacks within three days.

In addition, nonprofits, and business with over 50 employees, including state and local governments now have 24 hours to notify the US federal government if they make ransom payments.

The US Treasury Department is also making efforts as well by sanctioning cryptocurrency exchanges, insurance companies and financial institutions that facilitate ransomware payments.

All of these are good ideas and steps to take, however it doesn’t address the issue of the countries behind the exchanges and financial institutions though. It’s a clear lesson that we can depend on the government on some things, but we still need to look after ourselves and ensure a higher level of security is taken over our own information. Having offline backups (or air-gapped) can also really save you in the event you fall prey to such an attack. Evaluate your backup strategy now to ensure you are proactively doing as much as possible.