This is an interesting article on the financial impact of ransomware on businesses by Rob Davies and Dan Milmo of The Guardian. I think the way they illustrate that these criminal gangs have shaped their operations to outwardly function as legitimate businesses, including having well spoken help desks to aid the payments of the ransoms, shows that these are not casual hackers in a dark rooms, but people in it to make serious money.
How the growing Russian ransomware threat is costing companies dear | Cybercrime | The Guardian
The article also raises the questions:
- If a business pays the ransom does that encourage the hackers to try again – on another business or even the same one if they have not improved their defences?
- What impact is there on the hacker’s actions if insurance companies pay the ransoms?
I have my suspicions that paying up only encourages the hacker’s behaviour.
The closing paragraph of the article leads nicely into some promotion for our services:
“Helge Janicke, research director of the Cyber Security Cooperative Research Centre in Australia, stresses the need for “awareness of your workforce, having effective technical controls and integrating ransomware attacks in your organisation’s incident response and disaster recovery plans”.”
So do you have a plan to combat and respond to ransomware?
Do you have a master document that outlines the cyber security risks and responses for your organisation?
Ask yourself the simplest of cyber security questions, “Is my back-up complete and ransomware resilient?”.
Update 7 February 2022 Here is another example of a ransomware gang acting like a legitimate business:
Clive Catton MSc (Cyber Security) – by-line and other articles