Ransomware payment bans need universal buy-in


Banning ransomware payments is the only viable deterrent to cyber criminal gangs in the long term. Recent attacks on the British Library, Boeing, and even government departments indicate the ongoing popularity of this brutal form of cyber attack.

The most obvious point in favour of enacting a blanket ban on ransomware payments is that it would strip the pockets of threat actors. When organisations make a ransomware payment, they are funding future attacks and paying for the development of criminal activities.

Here at Egress we’ve spent time analysing the criminal ecosystem, and we know cyber criminals are investing time, money and effort into any activity that produces revenue, which is exactly what ransomware does!

Another angle we must consider is that paying ransomware demands puts a bright red target on an organisation’s back: it signals that an organisation which has previously paid up is ultimately willing to engage with criminals.

Not only does this put victims at a higher risk of double or triple extortion from one incident, but as threat actors will sell information to other gangs, news of a company’s forced co-operation will spread to the broader criminal ecosystem. The potential to rinse and repeat is virtually endless until a company stops paying or goes bankrupt.

I clearly agree with Ciaran Martin’s call to ban ransomware payments, but it’s only effective if all organisations buy in. The level of disruption cyber criminals would experience from a ban would be hugely frustrating to them; as a community, we’d undermine decades of threat actors’ research and development, which would be a colossal win for the safety of companies across the globe.

As long as there’s a chance that organisations will keep paying sizable ransoms, and as long as there are vulnerabilities that can be exploited, cyber criminals will continue to leverage this type of attack. Banning ransomware payments will decrease the success of one of the most trusted weapons in these gangs’ arsenals.

Jack Chapman is vice president of threat intelligence at Egress.


