Alan W. Dowd is a Senior Fellow with the American Security Council Foundation, where he writes on the full range of topics relating to national defense, foreign policy and international security. Dowd’s commentaries and essays have appeared in Policy Review, Parameters, Military Officer, The American Legion Magazine, The Journal of Diplomacy and International Relations, The Claremont Review of Books, World Politics Review, The Wall Street Journal Europe, The Jerusalem Post, The Financial Times Deutschland, The Washington Times, The Baltimore Sun, The Washington Examiner, The Detroit News, The Sacramento Bee, The Vancouver Sun, The National Post, The Landing Zone, Current, The World & I, The American Enterprise, Fraser Forum, American Outlook, The American and the online editions of Weekly Standard, National Review and American Interest. Beyond his work in opinion journalism, Dowd has served as an adjunct professor and university lecturer; congressional aide; and administrator, researcher and writer at leading think tanks, including the Hudson Institute, Sagamore Institute and Fraser Institute. An award-winning writer, Dowd has been interviewed by Fox News Channel, Cox News Service, The Washington Times, The National Post, the Australian Broadcasting Corporation and numerous radio programs across North America. In addition, his work has been quoted by and/or reprinted in The Guardian, CBS News, BBC News and the Council on Foreign Relations. Dowd holds degrees from Butler University and Indiana University. Follow him at twitter.com/alanwdowd.

ASCF News

Scott Tilley is a Senior Fellow at the American Security Council Foundation, where he writes the “Technical Power” column, focusing on the societal and national security implications of advanced technology in cybersecurity, space, and foreign relations.

He is an emeritus professor at the Florida Institute of Technology. Previously, he was with the University of California, Riverside, Carnegie Mellon University’s Software Engineering Institute, and IBM. His research and teaching were in the areas of computer science, software & systems engineering, educational technology, the design of communication, and business information systems.

He is president and founder of the Center for Technology & Society, president and co-founder of Big Data Florida, past president of INCOSE Space Coast, and a Space Coast Writers’ Guild Fellow.

He has authored over 150 academic papers and has published 28 books (technical and non-technical), most recently Systems Analysis & Design (Cengage, 2020), SPACE (Anthology Alliance, 2019), and Technical Justice (CTS Press, 2019). He wrote the “Technology Today” column for FLORIDA TODAY from 2010 to 2018.

He is a popular public speaker, having delivered numerous keynote presentations and “Tech Talks” for a general audience. Recent examples include the role of big data in the space program, a four-part series on machine learning, and a four-part series on fake news.

He holds a Ph.D. in computer science from the University of Victoria (1995).

Contact him at stilley@cts.today.

Why Is There A Surge In Ransomware Attacks?

Friday, August 13, 2021

Categories: ASCF News Cyber Security

Comments: 0

Source: https://thehackernews.com/2021/08/why-is-there-surge-in-ransomware-attacks.html

Photo: thehackernews.com

The U.S. is presently combating two pandemics--coronavirus and ransomware attacks. Both have partially shut down parts of the economy. However, in the case of cybersecurity, lax security measures allow hackers to have an easy way to rake in millions.

It's pretty simple for hackers to gain financially, using malicious software to access and encrypt data and hold it hostage until the victim pays the ransom.

Cyber attacks are more frequent now because it is effortless for hackers to execute them. Further, the payment methods are now friendlier to them. In addition, businesses are willing to pay a ransom because of the growing reliance on digital infrastructure, giving hackers more incentives to attempt more breaches.

Bolder cybercriminals
A few years back, cybercriminals played psychological games before getting bank passwords and using their technical know-how to steal money from people's accounts. They are bolder now because it is easy for them to buy ransomware software-as-a-service and learn hacking techniques from online video-sharing sites, like YouTube. Some cyber gangs are even offering their services for a business hacking set up for a fee, typically a share of the profits.

Cryptocurrency made the hackers bolder, as they can extort unlimited and anonymous cash payments. With the anonymity of bitcoin transfers, hackers found out they can demand higher amounts from their victims.

You can also blame the rise in cyberattacks on the behavior of some firms that are willing to pay millions of dollars in bitcoin. However, attacks will stop if firms and data security experts ensure that hacking will not be profitable anymore.

Are cyber attacks getting a higher profile or actually rising?
The answer to both questions is yes. Ransomware is becoming more common because it is straightforward to execute. Hackers use software to poke around security holes or by tricking network users using phishing scam tactics like sending malware that seem to come from a trusted source. In addition, some large companies have been lax with their network security protocols, which cybersecurity experts learned recently.

One such case is the supply chain attack at Colonial Pipeline, whose CEO Joseph Blount admitted before Congress that the company does not use multifactor authentication when users log in.

Based on the Internet Crime Report released in 2020, the FBI received close to 2,500 ransomware reports in 2020, 20 percent higher than the reported cases in 2019. The FBI also noted that the collective cost of the ransomware attacks in 2020 was close to $29.1 million. It is equivalent to a 200 percent increase over 2019, wherein the cost reached $8.9 million.

Another contributing factor to the rise in ransomware attacks is the growing number of online users. The coronavirus pandemic caused a spike in worldwide internet usage. Many students and workers are working and learning remotely.

Cybercrime Magazine predicts that ransomware will cost victims about $265 billion each year starting 2031. Attacks are likely to occur every two seconds as hackers refine their malware attacks and extortion practices.

Impact of ransomware on business
We already know how ransomware can have devastating effects on businesses, large or small. But it pays to be reminded time and again because even enterprises can become victims. Cybercriminals continue to exploit vulnerabilities in network security systems. In addition, many hacking gangs are using ransomware and denial-of-service attacks for financial gains.

Aside from the increasing occurrence of ransomware attacks, the cost of the attacks is growing as well. Ransomware paralyzes a company's digital network and associated devices. Because sensitive business data is breached, business operations, particularly for supply chains, are affected--thus, companies prefer to pay a ransom.

But theoretically, even if the company pays ransom, there is no guarantee that the sensitive data has not been copied. Likewise, there is no guarantee that attackers will return all the data or that the decryption key will work. In the case of Colonial, the decryption key hackers gave them after paying the ransom was too slow. So Colonial resorted to using their backup files. Kaseya, on the other hand, preferred to work with a third party for a decryption key.

Preventing ransomware infection
The FBI advises companies never to pay ransom to cybercriminals because it encourages them to launch more attacks. Some ways to prevent such attacks include:

Working with a cybersecurity firm that provides the best security system that fits a business' current and future needs is one of your primary options.
Staying vigilant is another way to thwart infection. If your systems are slowing down for no apparent reason, disconnect from the internet and shut it down. Then, you can call your network security provider and seek their help. The Biden administration encourages businesses to beef up their cybersecurity programs and review their corporate security plans. Further, you should cooperate with the FBI and the Ransomware and Digital Extortion Task Force of the U.S. Department of Justice.
Aside from the technical aspect of assuring cybersecurity, sometimes it pays to go back to basics.

Use security training so your employees will have a better understanding of the importance and meaning of cybersecurity. In addition, employees should learn to ensure the protection of the entire company from cyber attacks.
Train yourself and your staff not to click on links from unverified sources, as phishing emails are one of the methods to spread malware and make your company an easy target. Always scan emails, and notify employees of out-of-network emails.
Practice creating regular backups of your data. Have at least two data backups and store them at separate locations. Grant access to your backup only to your most trusted staff.
Use data encryption to protect emails, file exchanges, and personal information.
Ensure that you upgrade all your applications regularly so you can fix vulnerabilities.
Use password managers to ensure that all employees will have stronger passwords. Instruct employees to use different passwords to log in to the other applications you use in your company.
Conclusion
Ransomware attacks are rampant, due to their ease and profitability. Knowing about the activities of cybercriminal gangs and providing employee training on cybersecurity is vital. Combining technological expertise and basic security practices will help mitigate ransomware infection. However, it's important not to panic and know the security measures you should follow.

Comments RSS feed for comments on this page

There are no comments yet. Be the first to add a comment by using the form below.

Search