The multi-billion-dollar cost of ransomware

by Adi Gaskell
27 May 2020
in Security
2019 was a big year for ransomware, with research from the cybersecurity firm Emsisoft revealing that it cost over $7.5 billion in the United States alone. Attacks were found to affect a huge range of organizations, from schools to healthcare providers.

“The fact that there were no confirmed ransomware-related deaths in 2019 is simply due to good luck, and that luck may not continue into 2020. Governments and the health and education sectors must do better,” the company says.

It’s a problem that, a report published last year suggests, affected around 30% of federal agencies over the past three years. For instance, the city of Baltimore was struck by a variant of the RobbinHood attack, with city officials following FBI guidance and not paying the $76,000 ransom the attackers demanded. The attack eventually cost many millions, with an estimated $10 million spent on data recovery and $8 million lost to the unavailability of key services for the duration of the attack.

To pay or not to pay?

The FBI’s guidance is based upon three core reasons:

  1. No guaranteed results – the decision to pay often rests upon the assumption that once the ransom is paid, the decryption key will automatically be handed over, but the FBI cites various examples of this not happening, and suggests that trusting criminals is perhaps a foolhardy endeavor.
  2. Multiple attacks – the payment of the ransom also assumes that attackers will limit their assault to a solitary attack. The FBI believes that if an attacker has found a target that is both vulnerable and apparently willing to pay a ransom, then the chances of multiple attacks increase. What’s more, subsequent attacks are likely to demand ever higher ransoms, with suggestions that demands could grow up to 12-fold.
  3. Don’t encourage the business – last, but not least, the FBI believes that by paying the ransom, agencies are liable to encourage the ransomware business model, and therefore put other agencies at risk.

All of which represents something of a problem, as a state audit for Mississippi in 2019 found that the government was doing a very poor job in terms of cybersecurity, which was reinforced by researchers from the University of Maryland, who believe that the problem is common across local governments. It’s perhaps no surprise that a report from the National Governors Association found that the majority of ransomware attacks were conducted on local government agencies.

So what should agencies do to better protect themselves from ransomware attacks? Responses revolve around both reducing vulnerabilities to attack in the first place, and then being able to recover as quickly as possible (without the encryption key the attackers are holding to ransom), thereby minimizing the damage.

Educating staff

Data from Netwrix suggests that government agencies are at least appreciating the importance of better cybersecurity, with 59% of the government organizations it surveyed treating cybersecurity awareness among staff as a priority. This is likely to manifest itself in a big boost to training for cybersecurity awareness so that staff are better able to spot the signs of ransomware, and then respond appropriately.

Given that some ransomware attacks, such as the Sodinokibi attack on a number of cities across Texas last year, don’t require any kind of human action at all, it could be argued that the most important steps are in trying to mitigate the effects of attacks rather than trying to prevent them entirely.

If agencies can develop a robust plan to respond quickly and thoroughly to any attacks, and therefore limit their damage, it can take the wind out of the sails of attackers. Being able to detect attacks quickly, respond in kind, and then recover data effectively are key.

This can be done by having a robust and up-to-date inventory of the data held by your agency, and of who currently has access to it, so that any risk of data being lost is minimized. Ransomware often depends upon compromising an individual who has certain access rights, so enforcement of access privileges is key.

Agencies can then bolster their detection systems by monitoring user behavior across all of their key systems and databases, regardless of whether these are on-site or in the cloud. There should be constant screening for unusual behavior, which can be an early sign of an attack in progress.

The agency can then work to bolster its data recovery capabilities through having a better understanding of precisely which files or information were modified by the attackers. If all three of these steps can be ‘war-gamed’ on a regular basis, staff will be well prepared for the ransomware attacks that are likely to hit them at some point. This process also allows staff and agencies to keep on top of the constant changes in the cybersecurity world, and the different methods of attack hackers are likely to use.
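The three steps above, sketched as an added Python example that is not part of the original article: an access inventory, a burst detector over file-audit events, and the list of touched files as the recovery scope. The paths, account names, log format and thresholds are all constructed assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Step 1 (constructed): which accounts may modify each data store.
INVENTORY = {"/srv/finance": {"alice"}, "/srv/permits": {"bob", "carol"}}

# Constructed file-audit lines: timestamp, user, action, path.
SAMPLE_LOG = """\
2020-05-27T09:00:05 alice write /srv/finance/q1.xlsx
2020-05-27T09:14:40 carol write /srv/permits/p-100.pdf
2020-05-27T09:30:00 bob rename /srv/permits/p-101.pdf
2020-05-27T09:30:01 bob rename /srv/permits/p-102.pdf
2020-05-27T09:30:02 bob rename /srv/permits/p-103.pdf
2020-05-27T09:30:03 bob write /srv/finance/q1.xlsx
2020-05-27T09:30:04 bob rename /srv/permits/p-104.pdf
"""

def parse(log):
    """Yield (time, user, action, path) tuples from audit lines."""
    for line in log.splitlines():
        ts, user, action, path = line.split(maxsplit=3)
        yield datetime.fromisoformat(ts), user, action, path

def outside_inventory(events):
    """Step 1 check: modifications by accounts the inventory does not list."""
    hits = []
    for _, user, _, path in events:
        allowed = next((users for root, users in INVENTORY.items()
                        if path.startswith(root + "/")), set())
        if user not in allowed:
            hits.append((user, path))
    return hits

def bursts(events, window=timedelta(seconds=10), threshold=4):
    """Steps 2 and 3: flag accounts reaching `threshold` modifications within
    `window`, and return the paths they touched as the recovery scope."""
    recent = defaultdict(deque)   # user -> recent (time, path) pairs
    scope = defaultdict(set)      # user -> paths modified during a burst
    for when, user, _, path in events:
        q = recent[user]
        q.append((when, path))
        while when - q[0][0] > window:
            q.popleft()           # drop events older than the window
        if len(q) >= threshold:
            scope[user].update(p for _, p in q)
    return {user: sorted(paths) for user, paths in scope.items()}

EVENTS = list(parse(SAMPLE_LOG))
```

Running both checks on the same event stream in a regular exercise gives the responder the account to contain and the exact file list to restore from backup.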

No organization wants to find itself the victim of a ransomware attack, but agencies that assume they will be at some point are on a better mental footing to plan and coordinate a response.
