The Colonial Pipeline attack on May 7 was a watershed moment in the universal fight against ransomware attacks. It was the first incident in which the ransom paid to attackers was recovered. The attack on Colonial impacted the fuel supply chain, leading to a temporary fuel shortage along the Northeast coast of the U.S. The pressure was building for Colonial Pipeline and their CEO, Joseph Blount, had to make a difficult decision – paying up. In an interview with the Wall Street Journal, Blount acknowledged he authorized the ransom payment of 75 Bitcoin, which is approximately $4.4 million. A few weeks later, the Department of Justice and the FBI announced that they recovered most of the ransomware amount.
In his blog post dated June 16, Brian Krebs, Editor of KrebsOnSecurity, reported that the Ukraine Cyber Police arrested six people from the CLOP ransomware group. The gang reportedly extorted more than half a billion dollars from victims.
Ransomware attacks are now an everyday occurrence. A report from Cybersecurity Ventures estimated a ransomware attack on businesses every 11 seconds in 2021.
While there are numerous debates about whether impacted companies should be paying the ransom, we could soon have legislation for this. Last year, the Department of the Treasury’s Office of Foreign Assets Control (OFAC) published an advisory informing the public that the payment of ransom demanded by cybercriminals may be a violation of U.S. law.
For sure, there will be more ransomware attacks in the coming months. The adversaries see this as a lucrative opportunity, more so now, when the pandemic has office workers at home, with weak security on their home networks. Ransomware gangs are getting more organized with affiliate programs. They now offer Ransomware-as-a-Service — case in point, the DarkSide ransomware group that brought Colonial Pipeline to its knees. Read more about this in an article in the Insight section: “The Vulnerabilities that Open the Door to Ransomware.”
We’re happy to announce that the July 2021 issue is CISO MAG’s fourth-anniversary issue, which includes interviews with a diverse and rich mix of topics and conversations that include 5G security, encryption and cryptography, incident response, vulnerability disclosure, API security, IoT device security, backup strategies, insider threats, and the latest cyberthreats.
We hope you enjoy reading all the interviews and stories in this issue.
To get a copy Subscribe Now!