New ransomware attacks and corresponding news from cybersecurity authorities shows how this type of digital hostage-taking could have frightening ramifications for national utility systems and other critical services.
Steve Ranger at ZDNet reports a recent ransomware attack that affected Colonial Pipeline, which delivers 45% of fuel to the American East Coast.
Calling the situation a “knotty set of interconnected problems,”Ranger enumerates some of the aspects of ransomware that make prevention enforcement elusive.
First there is the machinery of the global Internet, through which attackers frequently launch their efforts from beyond a country’s domestic borders, making enforcement difficult or impossible given the logistics of extradition.
The ability to use Bitcoin as an anonymous payment facility adds further challenge to bringing ransomware operators to justice.
Then there’s the emergence of what’s called ransomware-as-a-service – kits and guidance delivered by criminals to other criminals to help them to “make their own” ransomware attacks.
Where American agencies are hitting back, they are often creating specific guidance for defensive network administrators.
The U.S. Federal Cybersecurity Infrastructure Security Agency or CISA recommends keeping “gold updates” of critical systems, making executables agile with high availability, and maintaining proper configuration while eliminating dependencies.
“It is critical to maintain offline, encrypted backups of data and to regularly test your backups,” reads a CISA resource. “Backup procedures should be conducted on a regular basis. It is important that backups be maintained offline as many ransomware variants attempt to find and delete any accessible backups. Maintaining offline, current backups is most critical because there is no need to pay a ransom for data that is readily accessible to your organization.”
“Ransomware is a growing cyber threat which compromises the safety of our citizens, the security of the online environment, and the prosperity of our economies,” Security Secretary Alejandro Mayorkas told reporters April 7. “It can be used with criminal intent, but is also a threat to national security.”
If you have tech holdings or want to get into stocks related to cybersec, keep this trend in mind. It may end up being one of the biggest aspects of keeping systems safe from attack in the years to come.
