Skip to content
  • Home
  • Emerging Technology & News
  • Computer Help
  • Privacy and Security
  • Reimage Windows Repair
The Reimage Blog
Menu
  • Home
  • Emerging Technology & News
  • Computer Help
  • Privacy and Security
  • Reimage Windows Repair
Facebook Twitter
Home  /  Privacy and Security  /  Ransomware rises as a national security threat as bigger targets fall
PostedinPrivacy and Security Posted on October 15, 2021

Ransomware rises as a national security threat as bigger targets fall

Posted By Kerry.Hershey
Governments around the world look for ways to fight back.

Cybercriminals are getting more sophisticated and brazen in ransomware attacks, freezing computer systems at school districts, major universities, police departments and hospitals. Now the US government is stepping up its approach to fighting computer crimes. 

Earlier this week, the White House convened an international counter-ransomware event. Representatives from more than 30 countries, including big US allies like the UK, Canada and Japan, participated in the virtual gathering. Notably absent: Russia, which the US and other countries blame for harboring and possibly encouraging the groups behind the attacks.

The high-level government attention to ransomware underscores its growing reach. Once nothing more than garbage malware locking up the hard drives of the tech unsavvy or of small businesses running dated versions of Windows, ransomware has become a global digital scourge. Earlier this year, a major oil pipeline and one of the world’s largest meat processors were both hit by cybercriminals who demanded millions of dollars in ransom.

The attacks on Colonial Pipeline and JBS USA Holdings made headlines for weeks. They also marked a nefarious rise in the ambitions of cybercriminals and caught the attention of government officials and cybersecurity experts. 

“It’s really become a national security threat,” Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency, told the Billington Cybersecurity Summit last week. “Everything is connected, everything is vulnerable, and the threat actors are just getting more sophisticated.”

According to a report from the Institute for Security and Technology’s ransomware task force, the total amount paid by ransomware victims more than tripled in 2020, reaching nearly $350 million. 

Colonial Pipeline and JBS both forked over millions in ransom payments. The FBI was able to recover about $2.3 million of the $4.4 million paid by Colonial. Both ransoms were paid in bitcoin, a popular cryptocurrency. 

Both attacks wreaked temporary havoc, pushing up the price of gasoline and meat as the companies lost control of their supplies.

“It’s amusing to the outside world that America doesn’t care until it’s about oil and meat,” says Chester Wisniewski, a principal research scientist for the global cybersecurity firm Sophos.

Wisniewski says earlier attacks would target a dozen or so different entities. They didn’t grab the same kind of national headlines, however, because they were separate, smaller attacks.

By today’s standards, cybercriminals also weren’t as talented. They bought the malware online and sent it out without much research into their targets. Companies would often pay the ransom, try to keep things quiet and move on.

That started to change a few years ago. As malware became more sophisticated, cybercriminals began hacking into a company’s financial records to determine exactly how much money the company would likely be able to pay. Now ransoms often reach millions of dollars.

And other attack-related costs far outweigh the actual ransom. Even if a company pays and has its data restored, it still has to bring in experts to rebuild its systems and confirm they’re no longer compromised. 

On top of that, an attack usually prompts a company to upgrade its cybersecurity defenses, another cost. 

Sometimes it can be tough for an entity to know exactly how much cybersecurity it should install. Even though JBS is a big company, many experts wouldn’t have previously considered it to be an obvious target for a cyberattack.

While acknowledging in a June statement that it did pay the equivalent of $11 million in ransom, JBS said it was able to “quickly resolve” the issues resulting from the attack, thanks to its “cybersecurity protocols, redundant systems and encrypted backup servers,” adding that it spends $200 million annually on IT and employs more than 850 IT people around the world. The company didn’t immediately return an email seeking further comment for this story.

Even small companies should follow best practices that’ll lessen the chances of a cyberattack or the fallout from one, says David Cowen, managing director of US Cyber Security Services at professional-services company KPMG. And those practices can be as simple as making sure employees protect their access to systems with strong passwords and always use two-factor authentication. 

The government can help, too, he says.

“Look at what happened with Colonial Pipeline,” Cowen said. “That group initially got paid but then they got tracked down and some of the money got returned. That’s what happens when the government gets involved.”

A recently introduced Senate bill would require critical infrastructure owners and operators, which would include companies like Colonial Pipeline, to report cyberattacks within three days.

In addition, nonprofits, businesses with more than 50 employees, and state and local governments would be required to notify the federal government within 24 hours if they make ransom payments.

Meanwhile, the Treasury Department says it’ll sanction cryptocurrency exchanges, insurance companies and financial institutions that facilitate ransomware payments. It also said it was taking action against virtual currency exchange SUEX OTC for allegedly facilitating ransomware payments. Officials for SUEX couldn’t be reached for comment.

Wisniewski, the cybersecurity researcher, says he likes the idea but questions how much good it’ll do if the government doesn’t take action against the countries behind the exchanges and financial institutions.

“Are we going to sanction China?” he asked. “I don’t think so.”

Credits: Bree Fowler
Source: CNet.com
Feature Image: A ransomware attack shut down operations at JBS USA Holdings earlier this year, resulting in meat shortages in the US. |Getty Images

Share on Facebook Share on Twitter
Previous Article
Amazon Fire TV Stick 4K Max review: Speedy app delivery isn’t everything
Next Article
Windows 11 upgrade: Download Microsoft’s new OS right now with this workaround

About Author

Kerry.Hershey

Related Posts

  • Hackers have carried out over 65,000 attacks through Windows’ Print Spooler exploit

    May 13, 2022
  • How to secure your internet activity on iOS devices

    May 9, 2022
  • Using Google’s Chrome browser? This new feature will help you fix your security settings

    April 15, 2022
Scan Now

Categories

  • Business
  • Computer Help
  • Emerging Technology & News
  • Privacy and Security
  • Reviews

Reviews

Reimage Social

Security

Popular Posts

  • PCWorld calls Reimage “A Fantastic Repair Utility “ July 26, 2011 Reviews
  • 4 Ways to Keep the Ghouls & Goblins Away From Your PC October 26, 2010 Archive
  • The PC Key to Happiness – A Properly Maintained OS September 2, 2010 Archive
  • Google says hacked websites were attacking iPhones for years September 12, 2019 Privacy and Security

Random Posts

  • Apple’s Tim Cook expected to join CEOs of Google, Amazon, and Facebook in testifying before Congress on antitrust issues June 23, 2020 Business
  • Samsung’s 5G trial pushes 5.23Gbps speed onto single device March 4, 2021 Emerging Technology & News
  • See you at Affiliate Summit East 2010! August 12, 2010 Archive
  • Social Networks Users Have Higher Exposure to Malware May 13, 2009 Archive
© Copyright 2019
We use cookies to ensure that we give you the best experience on our website.Ok