Cybersafety Connections June 2021 vol#20
Be In the Know
- The Cybersecurity Landscape.
- Handsome Ransom.
- Efforts made.
Microsoft 365 Stock Images
THE CYBERSECURITY LANDSCAPE
The United States was hit by more than 15,000 ransomware incidents against organizations last year alone, according to Brett Callow, a threat analyst at the cybersecurity firm Emsisoft. These attacks cost the US between an estimated $596 million and $2.3 billion in 2020 in ransom payments and lost productivity, Callow said. The true figures may likely be even higher, he added, because Emsisoft’s estimates only account for confirmed cases of ransomware incidents.
In April, The US Department of Justice created a ransomware task force, after declaring 2020 had been the worse year for extortion related to cyberattacks. This issue has gotten worse. Already the first half of 2021 saw a 102% increase in ransomware attacks in comparison to the beginning of last year, a report from cybersecurity firm Check Point Software.
Most recently, we have had incidents of ransomware cyberattacks on companies like Colonial Pipeline that shut it down last month and the attack on meat producer JBS. According to the FBI, the attack on meat producer JBS was carried out by a Russia-based cybercriminal group called REvil, the same group that tried to extort Apple supplier Quanta Computer earlier this year. REvil is like Darkside and reported by U.S official as the group responsible for the ransomware attack on Colonial Pipeline that causes the pipeline to shut down last month.
Both REvil and Darkside operate their business model as “ransomware-as-a-service” where these cybercriminal groups employ a large staff to create tools to carry out the ransomware attack and share in the profit. The cybercriminal group sometimes carries out the attacks by themselves. According to experts, these Russian-based cybercriminals face no repercussion as long as the attacks are carried out on other countries and the ransom is funneled to Russia.
The Colonial Pipeline CEO admitted to paying $4.4 million in ransom so hackers could release their systems for operations to resume. Correction to my earlier blog that had reported $50 million in error as the amount paid. FBI got the ransom money back.JBS paid an $11 million ransom to resolve the ransomware attack and avoid further disruption. FBI advises against paying ransom to avoid supporting the booming criminal industry because sometimes the decryption tools given after the ransom payment do not work. While this may be the case, sometimes the victim organization has little to no choice in refusing to pay the ransom since these criminal actors will not release data/computer resources until the payment of ransom.
Congress has struggled to pass a uniform federal law regarding reporting of data breaches. Some rules exist at the state and federal levels that are not uniform.
Federal agencies that have the responsibility for regulating specific sectors do not have uniform rules across the board.
All the lack of uniformity makes it difficult to determine who should be held responsible for protecting the public, the government, or the private sector.
The justice department plans to approach its anti-ransomware efforts with the same in the same manner it handles terrorism and the White House issued a rare open letter to companies advising them to treat the threat of ransomware attacks with greater urgency.
The Department of Justice put out a memo that governs the internal reporting by US prosecutors of all ransomware investigations worked to help the U.S government better organize the tracking of online criminals.2
The memo also states ransomware as — malicious software that seizes control of a computer until the victim pays a fee — an urgent threat to the nation’s interests.
National Security Council
National Security Council’s top cyber official, Anne Neuberger, wrote from the white house making it clear to corporate executives and business leaders that the private sector needs to better understand its critical role. She reiterated that no organization is safe from ransomware attacks big or small and so should beef up the cyber defense to match this cyber threat.
The FBI Director Christopher Wray also raised the alarm by comparing the challenges posed by the recent deluge of cyber attacks to the September 11 terrorist attacks and for the same kind of response. Mr. Wray stated that there is a lot of parallel, lots of importance, and a lot of focus on disruption and prevention. He emphasized that we have shared responsibility not just government sector but the private sector and even the average American as well.1
This is in line with the Biden administration growing agreement that ransomware ranks among the greatest National security that the U.S has faced.
President Joe Biden
Meanwhile, President Joe Biden is exploring options. Last month, President Biden signed an executive order requiring companies doing work for the government to improve their cybersecurity practices. Also, according to Whitehouse, President Joe Biden intends to address the JBS attacks and the increase in cyber threats during the meeting with Russian President Vladimir Putin in Geneva this week. In addition, President Biden will also seek to form an international coalition against ransomware.
With the recent spate of cyberattacks on critical infrastructure, it seems like our defenses are down. And the response to this cyber terrorism may require the approach used to counter-terrorism and terrorist attacks.
According to legal and industry experts, it is not practical for the Biden administration to urge compliance to a one size fit all cybersecurity regulation for the whole critical infrastructure sectors like pipelines, airlines, telecom networks, and more. Because each industry has its complexit, designing and enforcing cybersecurity regulations is difficult.
So the solutions will require all hands on deck, from the government to investment from the private sector to Americans and the international coalition, cooperating, doing their part and, information sharing.
And we will continue to follow up on the efforts to fight against cyberattacks in the post-pandemic and provide
You can access the full articles in the links below.
Please subscribe to get the latest post.