👾 Axios AM Thought Bubble: Ransomware is unsquashable

New targets | Friday, April 28, 2023

Alerts   View in browser   Presented By At-Bay   Axios AM Thought Bubble By Mike Allen · Apr 28, 2023 Happy Friday. Axios Codebook author Sam Sabin is here with the scoop from this week's RSA Conference — a top annual cybersecurity gathering, held in San Francisco. Smart Brevity™ count: 488 words ... 2 mins.     1 big thing — Ransomware: A forever problem Illustration: Aïda Amer/Axios   Ransomware — a novelty just a few years ago — is now endemic, like COVID. We'll have to learn to live with the malicious file-encrypting code, even as we struggle to limit it. Why it matters: Ransomware attacks, which take an organization's data hostage and shut down its systems until the hackers receive payment, have exacted an escalating price on law enforcement, policymaking and financial resources around the world. It remains the top threat on the minds of cyber defenders at this week's RSA Conference in San Francisco, the cybersecurity industry's highest-profile annual gathering. What's happening: Rob Joyce, the NSA's director of cybersecurity, told reporters during a briefing at RSA that Russian hackers are now weaponizing ransomware in attempted attacks against Ukrainian logistics supply chain companies, as well as organizations in Western-allied countries. Cybersecurity firm Sophos said in a report released Tuesday that 68% of cyberattacks last year involved ransomware. A panel on the last day of RSA acted out what the federal response to a hypothetical, Iran-backed ransomware attack on U.S. banks in 2025 might look like. How it works: A ransomware attack typically starts with malicious hackers installing file-encrypting malware onto an organization's networks and then displaying a ransom note on every screen. To unlock the networks and prevent a leak of any stolen data, ransomware gangs demand payment, often in the form of cryptocurrency. In recent years, ransomware has infected schools, hospitals, small businesses and more. Between the lines: Conversations about ransomware at RSA have shifted from viewing it as an easily squashed nuisance to seeing it as a persistent threat. Following the ransomware attack on Colonial Pipeline in May 2021, U.S. officials were quick to make ransomware a national priority. President Biden even started engaging with Vladimir Putin to try to get him to crack down. Ransomware now is treated like any other crime that's not expected to be easily solved or to vanish after a couple of key arrests, experts told Axios. Zoom out: Many ransomware operators are based in Russia, where the Kremlin tends to turn a blind eye to cyber criminals targeting Western countries. Ransomware gangs are well-organized, making them adept at rebranding and reshuffling in the face of law enforcement heat, John Dwyer, head of research at IBM's X-Force, told Axios. Organizations still struggle with basic cyber hygiene to protect themselves. 🥊 Reality check: Government sanctions, internet server takedowns and criminal arrests have slowly but steadily reduced businesses' willingness to pay ransomware gangs, Tom Hofmann, chief intelligence officer at Flashpoint, told Axios. The number of ransomware attacks dropped 15% between 2021 and 2022, according to recent data from Google-owned threat intelligence firm Mandiant. But that came after they skyrocketed the year before. Get Axios Codebook.     A message from At-Bay InsurSec is the fix for broken SMB cyber security     InsurSec brings together security and insurance to better protect businesses from cyber risk. What's in it for you: Prevention and detection technology. Expertise from cyber professionals. The backing of an insurance company. Learn how it works.   Are you a fan of this email format? Your essential communications — to staff, clients and other stakeholders — can have the same style. Axios HQ, a powerful platform, will help you do it.   Axios thanks our partners for supporting our newsletters. Sponsorship has no influence on editorial content. Axios, 3100 Clarendon B‌lvd, Arlington VA 22201   You received this email because you signed up for newsletters from Axios. To stop receiving this newsletter, unsubscribe or manage your email preferences.   Was this email forwarded to you? Sign up now to get Axios in your inbox.   Follow Axios on social media: