The absence of email for more than three days brought home the reality of ransomware threats for SRT members in the Minot region.
Ransomware, which entails worming into a computer system to encrypt and hold data hostage, is not an unfamiliar crime. But it typically has happened to people farther away. As local residents became cut off from a popular form of communication and businesses scrambled to keep operations on track, the cybercrime took on new meaning.
The Institute for Security and Ransomware Technology issued a task force report last April, claiming about 2,400 victims of ransomware a year among government, education and healthcare agencies. That doesn’t include other industries or the impacts on customers and clients of those organizations.
From 2019 to 2020, ransomware demands increased 171%, according to the task force. The Multi-State Information and Sharing Analyses Center observed a 153% increase in the number of reported state, local, tribal and territorial government ransomware attacks between 2018 and 2019.
The World Economic Forum’s The Global Risk Report 2020 stated, “Cybercrime entities are joining forces, and their likelihood of detection and prosecution is estimated to be as low as 0.05% in the United States. Cybercrime-as-a-service is also a growing business model, as the increasing sophistication of tools on the Darknet makes malicious services more affordable and easily accessible for anyone.”
Meanwhile, an aging technology infrastructure and the tendency to connect more and more data to the internet without the ability to secure it have increased America’s vulnerability, according to the task force.
The monetary value of ransom demands also has been increasing. It’s been estimated that one in four attacked entities pay the ransom, although numbers are hard to track because there is no mandatory reporting of attacks or payments. The FBI discourages paying ransoms, for obvious reasons. There’s no guarantee of getting data back, and it encourages perpetrators. Yet, the problem is getting worse rather than better.
Clearly, more needs to be done. The IST task force report recommends a deter, disrupt, prepare and respond model to address ransomware attacks. Along with an aggressive, multi-national campaign and funding help for organizations attacked, it also calls for a crackdown on the cryptocurrency sector, where regulatory laxity or violations facilitate ransomware by making criminals harder to trace.
For industry, guarding against ransomware starts with establishing a secure system and keeping it secured. One U.S. county paid about $1 million for new equipment and technical assistance after receiving a $1.2 million ransom demand linked to a breach that was believed to have resulted from an employee clicking on a malicious link.
Millions of people across the country were indirectly affected by the recent attack on SRT’s third-party email provider. That wide-reaching impact isn’t unusual. Remember the panicked motorists who queued to fill up their tanks in response to fuel shortages resulting from the ransomware attack on Colonial Pipeline last year? If the billions of dollars a year that ransomware has been costing our economy isn’t enough to make people angry, the interruption of our daily lives might be.
With that in mind, we have the studies and the recommendations. It’s time to fight back.