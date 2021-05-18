Infosecurity Group Websites
Latest
News

#RSAC: Solving the Ransomware Scourge Requires a Coordinated Effort

The scourge that is ransomware has had a devastating impact on the lives of ordinary people around the world, but it doesn't have to be that way, according to a panel of experts speaking at the 2021 RSA Conference on May 18.

Ransomware is not a new problem in 2021, and it certainly is not one that appears to be diminishing by any measure; rather, it's growing. Jen Miller-Osborn, deputy director of threat intelligence for Unit 42 at Palo Alto Networks, commented that, according to her firm's research, from 2019 to 2020 the average ransom payment nearly tripled, from $115,123 to $312,493. In that same period the highest ransom payment doubled from $5m to $10m.

"They're just gaining more and more money, and when that happens ransomware becomes more and more popular in the criminal sector,"  Miller-Osborn said.

The Evolution of Ransomware

Michael Daniel, president and CEO at the Cyber Threat Alliance, explained that over the course of the last decade, ransomware has changed.

"If you look back to, say, 2013, ransomware was typically targeted at an individual's computer, and the average ransom was like 100 or 150 bucks, so it was a fairly minimal affair," Daniel said.

In contrast, in 2021 Daniel noted that the average ransom is more than $300,000, and it's not just individuals being targeted—it's things like schools systems, hospitals and the energy grid.

As the cost and scale of ransomware attacks have grown, so too has the complexity of trying to limit the risk and the ability to shut down attackers. Among the challenges is that the impact of ransomware isn't limited to any one industry or even any one agency within the US government.

Phil Reiner, chief executive officer, Institute for Security and Technology and Ransomware Task Force, explained that one of the primary reasons why the Ransomware Task Force existed was to help deal with the fast-moving threat landscape.

"It takes senior-level, top-down interest in a problem like this to really get after it with the resources that are required, and the prioritization of the issue needs to be raised in order to actually do something differently," Reiner said. "It's not business as usual. This is not just a normal cybersecurity threat—it's a plague."

These threat actors, they feel like they can operate this way because they've got safe haven.Phil Reiner

It Is Time for a Comprehensive Approach to End Ransomware

The panelists all agreed that reducing the growth of ransomware will require a coordinated and comprehensive effort across public and private sectors around the world.

"You're not going to solve ransomware with some little silver bullet that just fixes the crypto payments processing problem, you're not going to solve it by just sending Cyber Command after somebody sitting perhaps in Eastern Europe," Reiner said. "These actions all have to happen at the same time if you're really going to effect significant change and shift the trajectory."

Daniel emphasized that disrupting the cryptocurrency element of ransomware will be a critical part of a comprehensive effort. He noted that it is clear that one of the big enablers for ransomware is the growth of cryptocurrencies.

"Cryptocurrency enables payments to occur in a way that the normal financial system can't track or block," Daniel said. "So clearly you're going to have to address that part of the ecosystem, which has nothing to do with cybersecurity directly. "

Increasing Pressure with Law Enforcement Actions

As ransomware attackers can be anywhere in the world, Reiner said that there are different tactics, including economic sanctions, that can and should be used globally to apply pressure to de-incentivize attacks.

"These threat actors, they feel like they can operate this way because they've got safe haven," Reiner said.

Daniel suggested that for the federal government, there is a need to increase capabilities across multiple agencies and not just those where the focus is on security. For example, he noted that the Department of Health and Human Services (HHS), the Department of Energy and others need to work with organizations within their respective sectors to make them more resilient to ransomware incidents.

Miller-Osborn advocated for more law enforcement actions to help deter would-be ransomware actors. In her view, many ransomware attackers haven't been too concerned about consequences or the risk of ending up in jail. If there is a coordinated response, where ransomware infrastructure, network and payment operations are all taken down and people are arrested, convicted and get jail time, she expects that behavior will change

"Cybercrimes are never going to go away," Miller-Osborn said. "But the more people we can discourage from doing these kinds of activities,  the safer everyone's going to be as a whole."

Related to This Story

What’s Hot on Infosecurity Magazine?

1
News

Cybercrime Forum Bans Ransomware Activity

2
News

Two-thirds of CISOs Unprepared for Cyber-attack

3
News

#RSAC: Bruce Schneier Warns of the Coming AI Hackers

4
News

AXA Faces DDoS After Ransomware Attack

5
News

Toshiba Business Reportedly Hit by DarkSide Ransomware

6
News

Cisco Snaps Up Kenna Security for Vulnerability Management

1
News

#RSAC: Solving the Ransomware Scourge Requires a Coordinated Effort

2
News

#RSAC: Does the US Need a National Breach Reporting Law?

3
News

#RSAC: Anne Neuberger Sets Out Biden Administration’s Plan to Modernize US Cyber-defenses

4
Webinar

Managing the cybersecurity transition to the cloud

5
News

#RSAC: McAfee CTO Calls for Risk Decisions Based on Science Not Headlines

6
News

Q1 2021 Sees 2.9 Million DDoS Attacks Launched

1
Webinar

How Zero Trust Enables Remote Working and Builds to a SASE Vision

2
Webinar

Defining the Zero Trust and SASE Relationship

3
Webinar

Zero Trust in 2021: How to Seamlessly Protect Your Remote and In-Office Users

4
Webinar

How To Navigate the Critical Intersection Between Data Security and Data Privacy

5
Webinar

Secure Access Management: Modernize your IT Infrastructure by Maximising Productivity and Minimizing Friction

6
Webinar

The Remote Workplace: Managing the New Threat Landscape with ISO 27001

1
Online Summit

[On-Demand] Infosecurity Magazine Spring Online Summit - EMEA 2021

2
Webinar

Security Mythbusting: Dismantling the Top Five API Myths

3
Online Summit

[On-Demand] Infosecurity Magazine Spring Online Summit - North America 2021

4
News Feature

Census 2021: How Safe Will Our Data Be Over the Next 100 Years?

5
Opinion

How Behavioral Biometrics is Combating Credential Stuffing Attacks

6
Webinar

Securing the #COVID19 Vaccine & Supply Chain