As the problems caused by ransomware continue to make headlines, the stakes were raised considerably in early May with the news that a coalition of more than 60 organisations around the world, including Amazon, Microsoft, the UK National Crime Agency and the FBI, had collectively labelled the issue a ‘national security threat’.
In releasing a set of recommendations to address a range of urgent issues, the Ransomware Task Force (RTF), called on governments to take action, also describing ransomware as a danger to public health. These risks are growing, and as discussed by guest writer John Noble in his recent Glasswall blog, attacks on national healthcare systems are having a serious impact, evidenced by the situation seen in France.
As he explained: “According to the French cyber security agency, the National Information Systems Security Agency (ANSSI), ransomware attacks in France increased by 255% last year compared to 2019. Whilst not all these attacks were on healthcare, there were at least 27 significant cyber-attacks on French hospitals in 2020. According to the French government, the number of attacks has dramatically increased in 2021 with an average of a major attack against a hospital every week.”
The pressure for action created by the RTF, therefore, is a significant development, not only because it brings the issues to the attention of authorities worldwide, but because the evidence continues to stack up that ransomware has become a lucrative ‘go to’ tactic for cybercriminals globally.
For example, the recently published Sophos State of Ransomware Report 2021 revealed that 37% of organisations were hit with ransomware in the last year and on average only 65% of the data encrypted in attacks was restored after the ransom was paid, but worse still, 92% who paid didn’t get all of their data back. Given that more organisations see payment as their preferred or only option, with 32% taking the decision to pay up compared to 26% a year ago, any organisation pursuing a reactive strategy to ransomware is battling the odds at every turn.
Given that cybercriminals now routinely rely on files and documents to conceal ransomware code, file-based threats are increasing faster than ever and with global trends like hybrid-remote working, the threat landscape is becoming more sophisticated and complex.
As a result, reactive detection-based security solutions can’t keep up, with antivirus and sandboxing solutions putting organisations at risk for up to 30 days or more, disrupting productivity and creating serious cybersecurity blindspots. To read more about how Glasswall CDR technology instantly cleans and rebuilds files to match its known good industry specification – automatically removing potential threats, click here.
