![]() As companies and governments move to respond to similar threats, easy solutions and silver bullets are yet again touted, but tangible progress remains elusive. 1 Charlie Osborne, “Updated Kaseya Ransomware Attack FAQ: What We Know Now,” ZDNet, July 23, 2021, Liam Tung, “Kaseya Ransomware Attack: 1,500 Companies Affected, Company Confirms,” ZDNet, July 6, 2021, Breaking Trust, Atlantic Council, March 29, 2021. In July 2021, when the REvil ransomware group exploited a vulnerability in Kaseya’s VSA software to stealthily distribute ransomware to a number of managed-service providers-and, in turn, thousands of their customers-it was a reminder of the dire state of software supply-chain security and a wake-up call about the potential disruption that attacks of this nature could wreak on a wide scale. Therefore, this strategy fits within the understanding that strengthening cybersecurity is a process of marginal improvement, rather than anything resembling absolute victory. Success in reducing the value of ransomware-shrinking potential for payoffs and hardening the technology base used by potential victims-offers much more wide-ranging protection and value to defenders. Success in reducing the frequency and severity of ransomware will likely encourage movement to other means of cybercrime. Third, the United States should address the conditions under which ransomware groups are given freedom to operate, and apply pressure on safe-haven states that either actively or passively support their activities. ![]() Second, the United States must employ both active and passive measures, prioritizing system security and resilience, while also imposing costs on individual ransomware operators and groups. ![]() First, ransomware payment should not be banned as a first step. While ransomware and aircraft hijackings defy any one-to-one comparison, three lessons from combatting aircraft hijackings could inform an effective ransomware strategy. Both activities pose challenges to defenders, which must defend all access points, while an attacker need only exploit one to be successful. Like the contagion effect of successful aircraft hijackings, ransomware successes beget imitation and evolution. This extortion is utilized by organizations to both fund future operations and achieve a range of strategic objectives. Importantly, in most cases, ransomware and aircraft hijacking are both tactics of extortion. To more effectively counter ransomware, the US government should develop a strategy that draws on lessons learned from addressing a surge in aircraft hijackings through the late 1960s and early 1970s. These events do not emerge in a vacuum, but are products of structural problems, some of which are similar to past surges in extortion crimes that the United States, along with its allies and partners, countered successfully. Ransomware has plagued organizations for more than a decade, but the last three years have experienced a surge in both the number of incidents and the ransoms demanded.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |