In 2021, ransomware attacks wreaked havoc all over the world.
From corporations, large or small, to governments across the world, nobody was spared. In many ways it is like the COVID-19 virus; where it differs is in the sophistication of the attacks. What was once the domain of a bunch of burger-and-fries-eating, soda-drinking nerds has become organised. Security experts are of the view that we’re in the “golden era of ransomware” and that 2022 could be among the worst years yet.
Surge in Ransomware Attacks
Between April 2020 and July 2021, according to the European Union Agency for Cybersecurity (ENISA), ransomware attacks rose 150 per cent. The US Financial Crimes Enforcement Network (FinCEN) analysis of ransomware-related Suspicious Activity Reports (SARs) filed during the first half of 2021 indicates that ransomware is an increasing threat to the US financial sector, businesses and the public. The total US dollar value for ransomware-related transactions reported in SARs filed during the review period exceeds that of any previous year since 2011.
One major factor behind the surge is monetisation. Cybercriminals have walked away from single attacks with millions of dollars, according to ENISA. A case in point: Colonial Pipeline paid out nearly $5 million to end the attack that led to serious fuel supply shortages along the northern Atlantic seaboard, according to a report in HotHardware.
The US government is making efforts to counter this. It has offered hefty bounties of up to $10 million for information that helps arrest or identify leaders of the ransomware group REvil. Even with those offers on the table, though, experts see ransomware increasing in 2022.
BlackBerry CISO John McClurg points to quantum computing potentially being leveraged to develop new ways to carry out attacks. “One of the more controversial uses of quantum computing is its potential to break public-key cryptography. In just a few short years, security information stored by national and international intelligence will be easily decrypted through a powerful quantum computer. This will leave highly sensitive data vulnerable to threat actors, causing an enormous potential for widespread security breaches.”
The evolution will continue even further, they say. Joseph Carson, chief security scientist at ThycoticCentrify, expects ransomware groups to go so far as to extort organizations with a subscription model “in which you pay the criminal gangs not to target you”.
On October 13th and 14th, the White House National Security Council facilitated an international counter-ransomware virtual event with over 30 countries and the European Union, with the goal of accelerating cooperation to counter ransomware. The meetings addressed improving network resilience, addressing the financial systems that make ransomware profitable, disrupting the ransomware ecosystem via law enforcement collaboration, and leveraging the tools of diplomacy to address safe harbors and improve partner capacity.
Deputy Assistant to the President and Deputy National Security Advisor for Cyber and Emerging Technology Anne Neuberger discussed how the administration is working closely with international partners to address the shared threat of ransomware and galvanise global political will to counter ransomware activities. Delegations recognised the importance of international cooperation to address the transnational threat from ransomware. Read more: https://cybersecurity.w.media/us-eu-30-countries-form-international-counter-ransomware-initiative/
In Australia, the Scott Morrison Government chalked out a new action plan to protect the community and economy from ransomware attacks, announcing new criminal offences, tougher penalties and a mandatory reporting regime as part of a new and comprehensive Ransomware Action Plan.
Minister for Home Affairs Karen Andrews said individuals, businesses, and critical infrastructure across Australia will be better protected as a result of the new Plan. “Ransomware gangs have attacked businesses, individuals and critical infrastructure right across the country,” Minister Andrews said.
As a part of the Ransomware Action Plan, the government will introduce a new stand-alone aggravated offence for all forms of cyber extortion to ensure that cyber criminals who use ransomware face increased maximum penalties, giving law enforcement a stronger basis for investigations and prosecution of ransomware criminals.
The Australian government will also introduce a new standalone aggravated offence for cybercriminals seeking to target critical infrastructure. This will ensure cybercriminals targeting critical infrastructure face increased penalties, recognising the significant impact on assets that deliver essential services to Australians.