A global coalition of tech companies and law enforcement agencies is calling for “aggressive and urgent” action against ransomware.
Microsoft, Amazon, the FBI, and the National Crime Agency of the United Kingdom have joined the Ransomware Task Force (RTF) to provide governments with nearly 50 recommendations.
Ransomware gangs are now routinely targeting schools and hospitals.
Hackers use malicious software to scramble and steal your organization’s computer data.
The RTF has submitted a report to President Biden’s administration.
“More than money is at stake,” the report said. “In just a few years, ransomware has become a serious national security threat and public health and security concern.”
Jen Ellis of cybersecurity firm Rapid7, an RTF co-chair, said: “Citizens are affected daily by this, which has a major impact on the economy and the ability of the general public to access important services.
“Not only that, but really tragically, the money that comes from the ransom paid funds other forms of organized crime, such as trafficking and child exploitation.”
The UK’s National Cyber Security Centre, which is also a member of the Ransomware Task Force, says it handled more than three times as many ransomware incidents in 2020 as it did in the previous year.
“It felt huge”
“I got a call about an IT system issue last Sunday morning in October,” said Rob Miller, director of information and communications technology at the London borough of Hackney.
“It soon became clear that it was a serious cyberattack.
“We had to lock down all the systems and turn off the internet. We were very worried, because we are servicing nearly 300,000 residents 24/7.
“We knew there was a big challenge before us, and the entire council needed to come together across all departments to restore and implement key services as soon as possible.
“Housing repairs, payment of benefits, land registration, etc. were all affected, so the damage was huge.
“It will take months for us to fully recover, and I can’t understand the criminal motivation behind this.
“You sit there and see the impact on your community, especially during the pandemic.
“No one can imagine that it would be okay to do so much damage to the service at such times. It’s hard to understand.”
The secrecy and stigma associated with ransomware attacks make it very difficult to get a true picture of the number and cost of attacks.
According to the FBI, about 2,400 US businesses, municipalities, healthcare facilities and schools were victims of ransomware last year.
Last year, RTF researchers confirmed that hundreds of large-scale attacks were carried out around the world, including in the United Kingdom, Brazil, Germany, South Africa, India, Saudi Arabia and Australia.
Cybersecurity firm Emsisoft puts the true global cost of ransomware, including business interruption and ransom payments in 2020, at as low as $42 billion (£30 billion) and as high as about $170 billion.
According to a Veritas Technologies survey, 66% of victims allow some or all of the ransom to be paid.
The RTF recommends that the government require victims to report any payments made to criminals.
“My company was dead”
“I couldn’t believe it when we were hacked,” says Martin Kelterborn, CEO of Offix Group in Aarburg, Switzerland, which was attacked in May 2019.
“I went to the IT department, but the manager was pale and obviously shocked. He told me it was all over. All the product photos on the website were encrypted one after another. I saw it live as they were being converted.
“230 employees asked what to do. We had tens of thousands of orders, but we didn’t have a computer system to sort them.
“At some point, my boss and I actually wrote a press release declaring that the company had died and gone out of business. They were the worst three weeks of my life.
“The hackers were the Ryuk ransomware gang and demanded that we pay 45 bitcoins (about $500,000).
“Yes, we considered paying, but in the end they actually destroyed much of our system, so we had to rebuild it anyway. Recovery cost about the same: $500,000.”
Other RTF recommendations for government are:
- Designate ransomware attacks as a national security threat
- Create a “Response and Recovery Fund” to support victims of ransomware and help them recover
- Tighten regulations on cryptocurrency services
- Put pressure on countries that collude with, or refuse to take action against, domestic ransomware groups
For years, cybersecurity organizations have claimed that ransomware gangs are openly active in North Korea, Iran, and Russia.
Earlier this month, the U.S. government sanctioned several Russian entities, saying the Kremlin would “train and hire criminal hackers, including the previously designated Evil Corp, to engage in destructive ransomware attacks.”
Last week it was reported that the US Department of Justice formed an internal team to address the growing threat of ransomware.