Recent ransomware cyberattacks on critical resources create alarm bells at the national and international levels. In the US, the FBI (The Federal Bureau of Investigation) is investigating the recent cyberattacks, and the White House informs businesses and government organizations to take ransomware crime seriously.
There Is not another day that we hear about cyberattacks in the news. My technology news feed has at least a few articles about ransomware attacks each day. Unfortunately, the attacks have intensified within the last month. I posted another article about this issue and required precautions for risks on News Break last month.
For example, the recent attacks in early May caused the largest pipeline in the US to shut down. Another significant incident on 31 May was JBS (the world's largest meat processor). Revil ransomware groups attacked both American and Australian IT systems.
The most recent one last Wednesday was when ransomware attacks hit Massachusetts' largest ferry service. This incident affected the ticketing processes, including online and phone reservations.
One recent news item on social media pointed out that the FB and the Australian Cyber Security Centre (ACSC) warned of an ongoing Avaddon ransomware campaign targeting organizations from the US, Australia, and other countries.
Ransomware is not just a simple computer virus anymore. It does not just target computer users and small organizations as it used to. A few years ago, these virus attacks primarily targeted small organizations and individuals, but now they have started to target large organizations and critical country resources, causing life-threatening situations.
Worst of all, ransomware attacks are not just for money affecting computer systems, but they are causing physical damages such as in hospitals and nuclear stations in various countries.
It is believed that there is a massive global infrastructure behind ransomware attacks. In addition, some press and social media discussions indicate that there might be tight organizational activities such as ransomware departments with strong technical development capabilities, financial power, public relations, and negotiation skills.
Allegations point out that there may be international organizations behind target attacks on critical resources of the United States. These attacks are targeting the nation's survival systems. For example, several news items pointed out orchestrated activities by cybercriminals are believed to be Russian-based.
So ransomware is not a technology issue anymore. Instead, it has economic, political, and health implications.
Until recently, we see ransomware as a simple technology issue; therefore, IT (information technology) departments have been working and educating their users to be careful. However, IT input is not enough anymore. It is an organizational issue, especially in large business and government organizations, including at the state and federal levels.
Ransomware awareness must be at least on the CISO (Chief Information Security Officer) agenda in large business and government organizations. However, considering the impact and implications of attacks, more importantly, awareness must be created at other CxO levels, including senior executives and CEOs.
Technically, ransomware is not too complicated. It is another virus, but its organization and motives make it complex and challenging to solve.
Like dealing with the pandemic with basics such as creating social distance, wearing a mask, washing hands, and other simple procedures, dealing with ransomware also depends on simple actions by computer users.
Ransomware attacks target vulnerability in weak technology systems. Precautions and preventive measures are all about the way we use technology.
Simple procedures like security controls with solid password management, being aware of suspicious links and phishing attacks associated with malicious websites disseminating malware. One of the most effective ways is the use of two-factor authentication.
Solutions are simple, but they require collective awareness and discipline.
To conclude, ransomware attacks are not simple cyberattacks anymore. They target large organizations and mission-critical resources. They impact our survival.
Employee education can certainly help to some extent, but further measures by technology and governance executives are essential.
There will always be a risk. However, to reduce the impact of ransomware damage, the best solution is to back up our PCs and work systems. This precaution will allow us to recover quickly and get back to our business when affected by cyberattacks.
Thank you for reading my perspectives.
Leveraging Ethical Hacking for Cybersecurity Requirements of Digital Ventures: Cybersecurity is a global concern and multi-billion-dollar industry.