Ransomware can be pretty disruptive as was evident from the attack on Colonial Pipeline. Thanks but no thanks to DarkSide ransomware operators who heavily impacted fuel distribution on the U.S. East Coast. However, certain recent ransomware incidents have been uncovered lately that make us ask, “Why is this ransomware crisis relentless?”
A brief glance into the incidents
Before dissecting the nature of ransomware, it is important we go through the biggest ransomware attacks this month.
- The REvil ransomware gang attacked JBS, the world’s largest meat processing company. The attack forced the company to shut down its Australian and North American IT systems.
- Another pipeline-focused business—Linestar Integrity Services—was hit by the Xing Team gang that stole 70GB of internal files and dumped them on the dark web.
Why does it matter?
These recent attacks signify that ransomware does not only affect the cybersecurity community but also the average person. Taking for instance the above attacks, it sheds light on how brittle supply chains are irrespective of what they involve. In addition, breaching another pipeline firm signals an emerging trend of hackers specifically disrupting the critical infrastructure.
Why are attacks suddenly so relentless?
- The foremost reason is the rise of new tactics. Operations have become more sophisticated than ever, with higher profits. Big game hunting has taken the front seat and triple extortion is the new norm.
- Now, everything is connected to the internet. However, with greater connectivity comes greater security concerns. Weak cybersecurity coupled with ubiquitous connectivity gives rise to vulnerable targets. Hence, the ransomware crisis has reached heights that no private sector is capable of solving on its own.
Ray of hope
- The Department of Justice (DOJ) unveiled that law enforcement agencies recovered $2.3 million in bitcoin paid by Colonial Pipeline as a ransom.
- According to Europol, law enforcement authorities made more than 800 arrests in raids at 700 locations worldwide under Operation Trojan Shield, wherein the police followed upon criminals’ activities via AN0M, an encrypted chat platform.
- One directive from President Joe Biden’s executive order on cybersecurity established a Cyber Safety Review Board (CSRB) in the Department of Homeland Security to investigate major cyber incidents involving government systems.
The bottom line
Ransomware attacks have become personal and certain attacks impact multiple countries with ripple effects. This hacking epidemic has well extended to the industrial backbone of the U.S. and other countries. Nevertheless, efforts to change the status quo have gained ground. But, the work has only begun and ransomware actors are stooping lower than ever.