As ransomware attacks are on the rise, cybercriminals are becoming more sophisticated and the cost to businesses to rebuild from such attacks are also rising. A report from blockchain tech vendor, Chainanalysis reveals similarities between counterterrorism strategies could potentially be applied to combating today’s “ransomwave” of attacks.
Ransomware can happen at any organization from small, to medium to large. For example, Kaseya, a cloud-service IT management software provider that became victim of a cyberattack ended up knocking down multiple customers across millions of computers without access to their systems until a ransom of $70 million was paid.
Related: A Global “Ransomwave” Is Happening; Here’s What IT Pros Can Do
In 2020 ransomware attackers successfully extorted at least $412 million from victim organizations, more than quadrupling their 2019 totals, according to a Chainanalysis’ report.
Cyber insurance claims are up by whopping 422% in the first quarter of the year, according to report from OODA Loop.
Cybercriminal gangs are now becoming investors for newer ransomware startups because what does a smart businessperson do with a lot of capital— invest it. As the ecosystem for cybercriminal gangs is evolving, how can it be stopped?
The report by Chainanalysis, reveals the answer to stopping ransomware could be found by using similar strategies used in counterterrorism.
The report reveals collaboration between military, law enforcement, intelligence agencies, and public-private partnerships using shared frameworks and watchlists can be key:
The stakes of ransomware go far beyond financial losses and business disruption. Attackers frequently target government institutions and organizations associated with critical infrastructure we all rely on, including banking, hospitals, energy facilities, and food businesses, which can lead to loss of life, both directly and indirectly. Much like terrorists, ransomware attackers leverage fear, chaos, and disruption to terrorize and coerce their victims to accomplish their objectives.
However, the parallels between ransomware and terrorism extend past the problem itself and into the solutions. At its core, the overlap boils down to the need for governments and private industry to increase the resources devoted to countering this threat and to find more effective ways to collaborate. Combined, these efforts will serve to disrupt supporting networks and raise the cost to ransomware attackers. This will diminish their ability to carry out future attacks and de-incentivize their illicit activity.
Public and private sectors must work together to develop new tools and compile data for attack mitigation and investigation, and develop a standard post-attack response and reporting protocol.
Much work also needs to be done when it comes to prosecution, asset recovery and sanctions, regulatory action, and legislation.
If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!
Leave a Reply