CIOInsider India Magazine

Halfway through 2021 and the globe is already befouled with ransomware attacks that have risen at an alarming rate of 93 percent according to the latest findings by Check Points mid-year security report. What’s even worse is that these attacks get their boost from a technique called ‘triple extortion’. This is when there’s already data theft happening at a large sum, organizations are being threatened of data leakage for a ransom. Currently, the same threat is being shot at an organization's customers, vendors, partners, and those alike.

When every resort failed, a lot of organizations gave in to those demands, only to find out that not even a full recovery of data was made. Usually, most organizations seldom disclose the extent of the breach they withstood, excluding the impact of exposed data, downtime, and disruption.

Much of the many issues keeping nations busy, and of course, dealing with the ever-persistent coronavirus. Ransomware attacks are deploying every opportunity they can fit their attacks in. Perhaps one of those popular attacks is disguised as campaigns and emails carrying details regarding COVID-19. Little do employees of a company or companies, in general, know that cyber felons had sneaked in their poison that infiltrated by wreaking havoc into the systems. Ransomware attacks during the pandemic could be a tough stain to clean, but it was during these times that these attacks surged. A report by Skybox Security indicates that ransomware during the pandemic with new samples increased by 72 percent. This falls true when peculiar names such as LemonDuck are on the popularity wheel. With the way the coronavirus is rampaging the world, cyber felons are using the chance to unleash their attacks in every way they could inject their fangs in.

At the same time, organizations have made numerous attempts to curb those attacks. Some prevailed while others failed. But when the situation appeared overwhelmingly out of hand, with attacks on the rise, this is when big techs decided to gather at the US WhiteHouse to hold serious talks with the president.

Big Techs and the US President Talk Cybersecurity Solutions
To combat the ransomware attacks, big tech CEOs namely Apple's Tim Cook, Microsoft's Sathya Nadella, Amazon's Andy Jassy, and others are coming together to hold a meeting with the US president Joe Biden. Since software and cloud providers such as the aforementioned firms have largely been victims of cyber attacks in Russia and China. Other big techs including Google, IBM, JPMorgan Chase, and energy firm Southern are also given the memo to this assembly.

Since energy firms have often fallen prey to ransomware and cyber attacks, talks will be held around it, especially around the Colonial Pipeline Co issue. Other sectors which have also been prey to such attacks like banks, the water utility, and those that play a critical role in a nation’s economy will be discussed as well.

For a while now, cyber security has become the most talked-about topic among not just big techs alone, but almost every tech and non-tech organization which deploys tech including the government.

Since cases such as the Solar Winds attacks, the PrintNightmare vulnerabilities, and the Pegasus iPhone attack have raised major red flags among governments and large organizations. As these attacks highly target security and trouble in that area could not only make the company suffering the attack go downhill, but will affect the economy of the nation as well.

It was only a month or two ago did that US President Joe Biden sign a national security memorandum by launching a new public-private initiative that ‘performs controls’ over cyber security at America’s most vital companies, especially water treatment and electrical power plants. This announcement surfaced above no sooner when cyberattacks crippled the nation’s companies, government agencies, especially that of the Colonial Pipeline incident.

Words buzzing around this meeting are those big techs who would most likely talk about software being better security in the supply chain.

Ransomware Attacks Are Now Viewed Equal to Terrorism
A cybercriminal cell-based in Russia invaded a pipeline operator on the US East Coast last month, locking its systems and demanding a ransom. The invasion resulted in a multi-day outage, a surge in petrol prices, panic buying, and regional fuel shortages in the southeast. Colonial Pipeline says that the hackers who broke into their networks were paid approximately $5 million, which is around Rs.36 crores, to recover access.

In the aftermath of the Colonial Pipeline issue and the rising harm caused by cyber felons, the US Department of Justice is sniffing deep into ransomware attacks the same way it does to terrorism.

Information about ransomware investigations in the field is said to be centrally coordinated with a newly formed task force in Washington, according to internal advice provided to US attorney's offices across the country.

"It's a special process that tracks ransomware incidents regardless of where they may be referred in this country. You can make the connections between actors and work your way up to disrupt the entire chain”, said John Carlin, principal associate deputy attorney general, Justice Department.

It’s now heard that the decision by the Justice Department to include ransomware in this particular process demonstrates how the issue is being prioritized.

According to Carlin, the same model was used when terrorist attacks took place. It was for this matter, the process was saved for a list of other topics, including matters that talk big about national securities.

Spilling a short detail about this process speaks about sharing of updated case details with of course some active technical details to the heads housed in Washington by investigators in the US’ attorney offices. Cases involving anti-virus services, criminal online forums or marketplaces, cryptocurrency exchanges, bulletproof hosting services, botnets, and online money laundering services are among the investigations that now require central notice. Bulletproof hosting services are opacity Internet infrastructure registration services that assist cybercriminals in conducting breaches anonymously.

The Department of Justice emphasizes the need for corporations and government entities to treat this as a serious issue. Organizations can achieve this by following the White House's best practices, such as regularly testing their incident response strategies. This will assist them in identifying weaknesses in their defenses. Organizations are also expected to think about segmenting their networks as well. This safeguard is necessary to prevent an infection from spreading to other corporate assets. Data backup can be utilized to restore the impacted portion of the network while keeping at least some of their business activities, thanks to network segmentation.