Why ransomware attacks keep happening

Based on reporting and our own observations, here are some reasons why ransomware isn’t letting up any time soon:

• Cyber liability insurance policies with ransomware/extortion policies in them have incentivised attackers. The bad actors know that if their victim organization has a cyber extortion policy, they’ll be paid.
  

• Some industries, like healthcare, may end up paying because it’s absolutely critical that they have access to vital information that can affect peoples’ lives.  The same goes for critical infrastructure as we saw with Colonial Pipeline.  Other targets such as schools, or municipalities, are sitting ducks because they are understaffed, under trained, and may not have all of their systems updated. The same is true of small businesses.

• Nation state threat actors, such as Russia, are pretty friendly with criminal hacker groups and won’t prosecute them as they either indirectly/independently act on the interest of the government or they get their marching orders directly from the Kremlin, if we’re using Russia as an example.
• There’s money to be made, especially from larger organizations as the attacks grow in size and sophistication.

• We are becoming more and more connected with devices. As more things like cars, light bulbs, refrigerators, climate control, locks, medical devices, and anything else we can think of connecting to a network, this broadens the attack footprint. It provides more opportunities to hold these devices and systems ransom.

Here in the US, insurance companies are scrutinizing companies more when they apply for cyber liability/cyber extortion policies. Global insurance company AXA said in May that it is refusing to write any of these policies now for companies based in France, according to the the Associated Press.

The situation is a mess. While we don’t have all the answers on how to stop paying the ransom, aside from not paying the ransom, we can help with assessing the external risk to an organization.  Check out our business services and contact us below to see how we fit into your cyber security strategy.