Earlier this month, we saw one of the most damaging ransomware attacks ever conducted, after the software company Kaseya was breached by the REvil gang. More than 1,500 organisations were affected, with the attackers demanding a $70 million (about £50 million) payment.
That, of course, is only the latest in a long line of incidents that have been considered “one of the most damaging ever”. There have also been the attacks on Colonial Pipeline, the meat supplier JBS, the Irish health service and the chemical distributor Brenntag.
The rate at which incidents are occurring has resulted in government efforts on both sides of the Atlantic to tackle the threat.
The White House recently unveiled new initiatives to combat ransomware, which includes a State Department programme that mirrors its anti-terrorism scheme in offering financial rewards for information that helps prevent or identify attackers.
It’s part of a four-pronged scheme that also intends to:
- Make it more difficult for ransomware gangs to transfer funds using cryptocurrency
- Encourage international corporation in combating ransomware
- Help US organizations become more resilient against criminal hacking
Meanwhile, the UK’s NCSC (National Cyber Security Centre) announced in April that it had joined the RTF (Ransomware Task Force), which contains expertise from governments, software firms, cybersecurity vendors, non-profits, and academic institutions from across the world.
In an 81-page report, the group called for “aggressive and urgent action” against ransomware.
The RTF co-chair Jen Ellis said: “Citizens are being impacted by this every day. It’s having a huge impact on the economy and the ability for ordinary people to access critical services.
“Not only that but, really distressingly, the funds that come in from paid ransoms fund other forms of organised crime, like human trafficking and child exploitation.”
Stretched thin
One of the biggest problems that organisations face in the battle against ransomware is a lack of expert guidance. NBC recently reported that attacks have become so prolific that organisations don’t have the internal expertise to address the risk and are unable to seek assistance from third parties.
“We’re getting calls from organizations almost every single day,” said Charles Carmakal, the chief technology officer at the cybersecurity giant Mandiant. “We’re barely able to keep up.”
“I feel bad, but we turn down a lot of organizations because we don’t have the capacity to help them,” he added.
Similarly, Jake Williams, the chief technology officer at the cybersecurity company BreachQuest, said his organisation has seen a drastic increase in the number of ransomware cases it has handled in recent months.
“We’re having to be selective on some of the cases we’re taking,” Williams said, adding that BreachQuest has had to hire subcontractors to manage the influx of work.
With cyber security professionals barely able to keep up with the threat – despite significant growth in recent years – it’s no surprise that ransomware continues to thrive.
For organisations looking to shore up their defences, the best course of action may well be to find talent internally. If you’re considering a role in the industry, or think someone in your team would be suitable, IT Governance has a range of options.
In addition to our certified training courses, we’ve created a cyber security careers guide to help you find a suitable role based on your skills and interests.
Whether you’re thinking about becoming an ethical hacker, an information security manager or anything in between, there is no better place to get started.
I love how you have explained everything in your blog.