Anti-Ransomware Coalition Bound to Fail Without Key Adjustments

COMMENTARY. Ransomware is a pervasive issue affecting businesses of all sizes and industries, and the best way to respond remains hotly debated.
While much fanfare coincided with the announcement of a US-led, 40-country coalition to collectively reject the payment of ransoms to cybercriminals, it's more a symbolic gesture than a practical solution.
The most effective solution to the ransomware challenge isn't an international agreement; it's an enhanced understanding of potential threats and better preventative security measures.
Cybercriminals stole nearly 100GB of data from Colonial Pipeline and threatened to leak it if the ransom wasn't paid, resulting in the company ponying up the $4.4 million ransom.
For critical infrastructure organizations like Colonial Pipeline, restoring operations and services and regaining control of sensitive information is critical, meaning making swift payments to hackers following an incident is often the most efficient way to reduce the damage to the business.
The year of the ransomware attack, the Colonial Pipeline Company had $3.1 billion of assets, and the prior year generated a net income of $420 million on $1.3 billion of revenue.
Given the damage to reputation and productivity in the days the pipeline was down, paying the ransom was akin to dealing with a frustrating but nowhere near bank-breaking speeding ticket.
The potential cost to reputation and the climbing costs of ransom demands mean that even large organizations with funds to spare must combine efforts to combat cybercrime.
A proactive effort that meets cyber threats with strength and prioritizes preemptive techniques with threat intelligence provides organizations with cybersecurity postures that are two and a half times more likely to be effective.
The Conti ransomware group revealed that cyber groups adjust their demands for each victim: the higher the victim's annual revenue, the lower the percentage of revenue demanded.
Although the ransom demands for SMBs might be smaller monetary amounts, they typically represent a higher percentage of their annual revenue, thus causing a larger impact on the business.
SMBs typically spend an average of $38,000 to recover from a security breach, including costs associated with a temporary pause in trade, excluding any ransom payments.
Given that the average annual revenue for small businesses falls within the range of $44,000 to $1 million, the feasibility of making ransomware payments may be in question.
The solution to the growing challenge of ransomware lies, undoubtedly, in better cybersecurity that prevents ransomware attacks from occurring in the first place.
Combined with increased action from law enforcement to apprehend attackers and deter cybercrime, ransomware groups will face a more even challenge.
Proactive Security Is the Way to Counter Rising Ransomware Threats Verifying whether businesses do or don't pay ransomware demands isn't always practical; however, estimates suggest that 46% of organizations pay ransomware extortion, and 26% of organizations that use backups to restore data also pay.
Preventing ransomware payments is not a viable solution to the growing problem of ransomware, nor is it the most effective.
The international alliance, while a symbolic resistance to ransomware demands, misses the critical point in combating rising ransomware crime: security.
Organizations must invest in better cybersecurity practices, threat intelligence, and proactive initiatives to prevent ransomware attacks in the first place and lessen the impact when or if they become victims.
Empowering organizations to resist extortion tactics through preventative measures rather than relying solely on the decision to pay or not pay ransom demands is the real solution.


This Cyber News was published on www.darkreading.com. Publication date: Tue, 16 Jan 2024 15:00:28 +0000


Cyber News related to Anti-Ransomware Coalition Bound to Fail Without Key Adjustments

Vulnerabilities and exposures to rise to 1,900 a month in 2023: Coalition - Cybersecurity insurance firm Coalition has predicted that there will be 1,900 average monthly critical Common Vulnerabilities and Exposures in 2023, a 13% increase over 2022. The predictions are a part of the company's Cyber Threat Index, which was ...
1 year ago Csoonline.com
Key Group uses leaked builders of ransomware and wipers | Securelist - The first discovered sample of Key Group, the Xorist ransomware, established persistence in the system by changing file extension associations. The .huis_bn extension added to encrypted files in the early versions of Key Group samples, Xorist and ...
1 month ago Securelist.com
Anti-Ransomware Coalition Bound to Fail Without Key Adjustments - COMMENTARY. Ransomware is a pervasive issue affecting businesses of all sizes and industries, and the best way to respond remains hotly debated. While much fanfare coincided with the announcement of a US-led, 40-country coalition to collectively ...
10 months ago Darkreading.com
Hive Ransomware: A Detailed Analysis - This past week, on January 26th, to be exact, the FBI successfully shut down the Hive ransomware group and saved victims over a hundred million dollars in ransom payments and remediation costs. As ransomware continues to be a national security threat ...
1 year ago Heimdalsecurity.com
Insurers Use Claims Data to Recommend Cybersecurity Technologies - Businesses using a managed detection and response provider cut their median response time to a cyber incident by half, and saw a commensurate - and dramatic - reduction in the impact of each incident, according to an analysis of insurance claims ...
8 months ago Darkreading.com
Medusa Ransomware Turning Your Files into Stone - Unit 42 Threat Intelligence analysts have noticed an escalation in Medusa ransomware activities and a shift in tactics toward extortion, characterized by the introduction in early 2023 of their dedicated leak site called the Medusa Blog. The Unit 42 ...
10 months ago Unit42.paloaltonetworks.com
Ransomware trends and recovery strategies companies should know - Ransomware attacks can have severe consequences, causing financial losses, reputational damage, and operational disruptions. The methods used to deliver ransomware vary, including phishing emails, malicious websites, and exploiting vulnerabilities in ...
11 months ago Helpnetsecurity.com
Ransomware Roundup - The Ransomware Roundup report aims to provide readers with brief insights into the evolving ransomware landscape and the Fortinet solutions that protect against those variants. This edition of the Ransomware Roundup covers the 8base ransomware. 8base ...
10 months ago Feeds.fortinet.com
The Top 10 Ransomware Groups of 2023 - This article takes an in-depth look at the rise in ransomware attacks over the past year and the criminal groups driving the surge in cyber extortion. LockBit has established itself as one of the most notorious ransomware operations since emerging on ...
10 months ago Securityboulevard.com
Ransomware in 2023 recap: 5 key takeaways - This provides the best overall picture of ransomware activity, but the true number of attacks is far higher. While some ransomware trends hardly changed over the last year, such as LockBit's continued dominance, ransomware criminals also challenged ...
9 months ago Malwarebytes.com
Dozens of countries will pledge to stop paying ransomware gangs - An alliance of 40 countries will sign a pledge during the third annual International Counter-Ransomware Initiative summit in Washington, D.C., to stop paying ransoms demanded by cybercriminal groups. Addressing reporters on Monday, Anne Neuberger, ...
11 months ago Bleepingcomputer.com
The Number of Security Risks to Increase Significantly by 2023 Coalition - According to Cyber insurance firm Coalition, the average monthly critical Common Vulnerabilities and Exposures (CVEs) in 2023 is expected to be 1,900, a 13% increase from 2022. This prediction is based on data collected from the company's active risk ...
1 year ago Csoonline.com
VX-Underground malware collective framed by Phobos ransomware - A new Phobos ransomware variant frames the popular VX-Underground malware-sharing collective, indicating the group is behind attacks using the encryptor. Phobos launched in 2018 in what is believed to be a ransomware-as-a-service derived from the ...
11 months ago Bleepingcomputer.com
The Week in Ransomware - Earlier this month, the BlackCat/ALPHV ransomware operation suffered a five-day disruption to their Tor data leak and negotiation sites, rumored to be caused by a law enforcement action. The FBI revealed this week that they hacked the BlackCat/ALPHV ...
10 months ago Bleepingcomputer.com
Declining Ransomware Payments: Shift in Hacker Tactics? - Several cybersecurity advisories and agencies recommend not caving into ransomware gangs' demands and paying their ransoms. It seems the tide is turning, with a decline in ransomware payments; this article explores the trend and what it might mean ...
9 months ago Securityboulevard.com
Ransomware Roundup - On a bi-weekly basis, FortiGuard Labs gathers data on ransomware variants of interest that have been gaining traction within our datasets and the OSINT community. The Ransomware Roundup report aims to provide readers with brief insights into the ...
8 months ago Feeds.fortinet.com
LockBit attacks continue via ConnectWise ScreenConnect flaws - Exploitation of two critical ConnectWise vulnerabilities continues to mount, with many attacks attributed to ransomware gangs such as LockBit. Last month, ConnectWise disclosed an authentication bypass vulnerability, tracked as CVE-2024-1708, that ...
8 months ago Techtarget.com
The Week in Ransomware - An international law enforcement operation claims to have dismantled a ransomware affiliate operation in Ukraine, which was responsible for attacks on organizations in 71 countries. The threat actors are said to be affiliates of numerous ransomware ...
11 months ago Bleepingcomputer.com
Ransomware Roundup - On a bi-weekly basis, FortiGuard Labs gathers data on ransomware variants of interest that have been gaining traction within our datasets and the OSINT community. The Ransomware Roundup report aims to provide readers with brief insights into the ...
9 months ago Feeds.fortinet.com
The Week in Ransomware - Governments struck back this week against members of ransomware operations, imposing sanctions on one threat actor and sentencing another to prison. On Tuesday, the Australian, US, and UK governments announced sanctions against Aleksandr Gennadievich ...
9 months ago Bleepingcomputer.com
Ransomware's Impact May Include Heart Attacks, Strokes & PTSD - First-order harms: Direct targets of ransomware attacks. The increasing convergence of IT and OT leave physical infrastructures more vulnerable to ransomware, even though most ransomware operators lack the capability to directly compromise OT or ...
9 months ago Techrepublic.com
Waiting for the BlackCat rebrand - We saw another ransomware operation shut down this week after first getting breached by law enforcement and then targeting critical infrastructure, putting them further in the spotlight of the US government. While the Tor onion domain seizure was a ...
8 months ago Bleepingcomputer.com
The Week in Ransomware - This week was pretty quiet on the ransomware front, with most of the attention on the seizure of the BreachForums data theft forum. That does not mean there was nothing of interest released this week about ransomware. A report by CISA said that the ...
6 months ago Bleepingcomputer.com
Best Ransomware Protection Practices for Midsize Organizations - Ransomware Protection has emerged as a crucial step in cybersecurity since ransomware attacks have become a major threat to businesses of all sizes, including midsize organizations. Ransomware attacks can be delivered via email attachments or links, ...
10 months ago Securityboulevard.com
The Evolving Landscape of Ransomware Attacks - 1.7 million ransomware attacks are happening every day. Many people think the virus has locked their computer, but it is actually the ransomware that has locked all their files. As the name ransomware suggests they are after ransom. Stealing or ...
10 months ago Cyberdefensemagazine.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)