Until we make one modification, the ransomware issue won’t be resolved.
Rarely do ransomware victims acknowledge assaults in the media. More transparency would benefit everyone.
One of the biggest cybersecurity problems we currently face is ransomware, in which hackers target important infrastructure such as businesses, schools, hospitals, and more to encrypt files and demand a ransom in exchange for the decryption key.
Many victims pay these ransoms despite being advised against doing so because they believe it will quickly restore their network, especially if the cybercriminals are also threatening to disclose stolen data. The attack cycle will yet continue as a result of ransomware groups leveraging their illicit profits to fund even more daring attacks.
Beyond this, there is a different issue. It’s challenging to gain a clear picture of what’s really going on because many ransomware occurrences are just kept quiet. Even when businesses do acknowledge a cyberattack, they frequently give unclear descriptions of what transpired and appear very hesitant to label any occurrence as a ransomware attack.
Examples of words made by victims of ransomware attacks to characterise what occurred include “severe cyber attack,” “cyber incident that has caused significant interruption,” and “data being encrypted by a third-party.” However, none of these statements specifically mention ransomware.
Some victims eventually speak up more about what happened, although this usually happens months or years after the occurrence, and some victims never even accept the ransomware was to blame.
Even if it’s obvious that it’s a ransomware attack by reading between the lines of the hazy claims like a “sophisticated cyber incident” that has “disrupted services,” it’s annoying not being able to receive a complete and accurate picture of what’s happening.
Additionally, everyone loses out when ransomware attacks and other cyber disasters are not disclosed.
I’ve spoken with victims of ransomware attacks who are prepared to speak on the record about what happened after the crisis has passed. It’s intriguing to hear CIOs and CISOs open up about what happened. Some victims are quite fast to disclose that it’s ransomware.
The reason these cybersecurity leaders are speaking up about the ransomware attacks on the organisations is because they want to assist prevent others from becoming the next victims by sharing the lessons they’ve learned about fortifying cyber defences to stop such instances in the future.
Lessons like timely security patch installation, multi-factor authentication (MFA) for network users, and routine backup updates are actions that can help halt ransomware assaults in their tracks. The ideal moment to act is also before the attack happens.
Ransomware isn’t only a technical issue; in the end, everyone is affected by these intrusions, and we are frequently in the dark about why the services we depend on are down.
In some cases, it appears that this is already beginning to change. For example, when Los Angeles Unified (LAUSD), the second-largest school district in the US, recently came under ransomware attack, it immediately informed the relevant authorities and kept the general public informed of the development.
Director of the Cybersecurity & Infrastructure Security Agency (CISA), Jen Easterly, praised LAUSD’s strategy and said it was a “great example of how to keep stakeholders informed, including potential impacts & what to expect next.” She added that LAUSD “clearly knows the value of transparency when responding to a cyber incident – their speed, clarity & focus on partnership is commendable.”
Although responding to a ransomware attack might be difficult, how businesses frame the situation is just as crucial as their technological response. They can actually produce good feedback and demonstrate that ransomware gangs are not always to be feared by outlining what happened and how the problem was resolved.
Additionally, it might help others avoid experiencing the same outcome. A greater degree of attack openness will benefit everyone in the fight against ransomware.