Despite Washington’s recent efforts to expand cybersecurity regulations and disrupt hacking gangs, ransomware continues to spread and executives report that their companies are uneducated in averting the threat.
The number of ransomware attacks against US companies has continued to rise this year, cybersecurity experts say, while some lawmakers warn that the government has limited visibility into such hacks. Companies that have rapidly digitized their operations during the pandemic are spending more time and effort navigating a rapidly changing and treacherous ransomware landscape.
According to a survey of more than 660 individuals published Thursday by Marsh & McLennan Co.’s insurance brokerage and Microsoft Corp.
“It reflects that, despite the significant amount of time, energy and resources organizations spend on cyber, the risk environment continues to evolve and expand, making it difficult to anticipate or overcome it,” said Thomas Reagan. , cyber risk practice leader for the US and Canada at Marsh.
Verizon Communications Inc.’s
The annual Data Breach Investigations Report, published last week, found that ransomware involvement in data breaches increased by 13% in the past year, more than the increase in the previous five years combined.
Many attacks have remained relatively simple and have been based largely on human error rather than technological prowess, said Sowmyanarayan Sampath, chief revenue officer at Verizon.
“It’s not James Bond stuff,” he said.
The pandemic forced many companies to refocus their security postures to protect employees who work remotely and outside traditional corporate cyber defenses. That shift, coupled with the growth of criminal operations involving ransomware, has contributed to a sharp increase in such attacks during the pandemic.
Criminal groups demanded ransoms of up to tens of millions of dollars to unlock the data of some companies, forcing critical infrastructure managers like Colonial Pipeline Co. and meat packer JBS Foods SA were disrupted last spring. The spate of incidents last year prompted Christopher Wray, director of the Federal Bureau of Investigation, to compare the challenge posed by ransomware to that of the September 11, 2001 terrorist attacks.
Researchers from security firm Sophos Inc. say that as ransomware becomes more prevalent, hackers are increasingly specializing in specific tasks, such as accessing computer systems or deploying malware, to work more efficiently.
As a result, corporate security teams are “facing more attacks that are evolving at an accelerated pace,” leading to employee burnout and layoffs, said Patrick Gaul, executive director of the National Technology Security Coalition, an advocacy group for chief executive officer. information security officers.
Washington has attempted to counter the threat by collaborating more with corporate security teams and unveiling a menu of more aggressive public and private sector standards.
Regulators have issued first-of-its-kind cyber rules for oil and gas pipelines, lawmakers have passed new rules for critical infrastructure companies to report breaches, and the Department of Justice and other agencies have stepped up their efforts to disrupt criminal groups abroad. The Cybersecurity and Infrastructure Security Agency, or CISA, announced last week that it was setting up a ransomware task force.
The government is likely to be aware of only a quarter of such incidents due to corporate underreporting and disclosures scattered across several federal agencies, according to a report released last week by the Senate Homeland Security Committee.
The lack of visibility hampers efforts to help victims and obscures the full economic impact of ransomware attacks, the report finds.
According to Chainalysis Inc. In 2020, victims sent at least $692 million worth of cryptocurrency to virtual wallets affiliated with such hackers. $602 million – likely to surpass 2020 figure as more digital ransoms are tracked over time.
A top cybersecurity official in the Biden administration has said the attack has slowed down in recent months during Russia’s invasion of Ukraine.
Rob Joyce, director of cybersecurity at the National Security Agency, said this month at the Cyber Initiatives Group’s spring summit that repeated warnings from CISA helped companies strengthen their defenses against potential hacks. Sanctions imposed on Russia, where researchers believe many ransomware gangs are active, may have made it more difficult for criminals to monetize successful attacks, he said.
But cybersecurity experts don’t see this as a time to be less vigilant.
“If anyone thinks that ransomware attacks are diminishing or disappearing, I’d say that idea is absurd,” said Errol Weis, chief security officer of the Health Information Sharing and Analysis Center, a nonprofit organization that coordinates the security of healthcare organizations.
The NSA declined to comment. “Ransomware continues to be a threat that affects too many organizations,” Eric Goldstein, executive assistant director of cybersecurity at CISA, said in a statement.
write to James Rundle at firstname.lastname@example.org, David Uberti at email@example.com and Catherine Stupp at Catherine.Stupp@wsj.com
Copyright ©2022 Dow Jones & Company, Inc. All rights reserved. 87990cbe856818d5eddac44c7b1cdeb8