MANAGING THE RISKS OF RANSOMWARE

Ransomware is a significant business continuity risk, increasing in frequency and severity. A successful ransomware attack can completely disable a business overnight at great cost. In 2020, ransomware victims in the US paid out nearly $350m – a 311 percent increase over 2019, according to the Institute for Security and Technology. By 2031, Cybersecurity Ventures predicts that global ransomware damage costs will exceed $265bn.

According to a Cybereason study of nearly 1300 security professionals, more than half of organisations have fallen victim to a ransomware attack, and 80 percent of businesses that chose to pay a ransom demand suffered a second ransomware attack, often at the hands of the same malicious actors.

In addition to the financial risks, attacks can have a lasting impact on a company’s reputation. According to Cybereason, 53 percent of organisations indicated that their brand and reputation were damaged because of a successful attack.

Expanding attack vectors

Many different groups are carrying out attacks, a significant proportion of which come from Russia. Notably, in early July, hackers from a major Russian-speaking ransomware syndicate claimed responsibility for a mass attack which affected hundreds of companies in the US. The hackers demanded $70m in bitcoin to restore data. Groups linked with Russia also reportedly carried out attacks on the major US meat packing plant JBS and the country’s largest fuel pipeline in May.

The intensity and severity of attacks have increased exponentially in recent years, with ransom demands rising along with the cost of remediation. Targets are also expanding, with key infrastructure projects, for example, in the crosshairs. Managed service providers (MSPs) and IT service providers are also being targeted, many of which utilise traditional cyber security solutions that focus on the ‘fortress’ approach to protect their assets – a tactic which has become less effective.

Oct-Dec 2021 Issue

Richard Summerfield