How often have you been told, “Sorry, our computer systems are down?” Often, these cybercrimes (which affect schools, hospitals, businesses and more) result from ransomware gangs encrypting data and demanding payments to restore access.
“We’re definitely not winning the fight against ransomware right now,” says Allan Liska, a threat intelligence analyst at Recorded Future.
High-profile incidents, like the 2021 Colonial Pipeline attack, have led to significant disruptions and emergency measures. However, most ransomware incidents, such as recent attacks on UK hospitals, don’t make headlines. Brett Callow from Emsisoft highlights a visibility issue: Many organizations don’t report attacks, making it difficult to track trends accurately. It doesn’t help that gangs are becoming more aggressive, using tactics like public data leaks on “shame sites” and direct threats to victims.
Experts fear these threats could soon lead to real-world violence. Liska notes the overlap between ransomware gangs and other criminal networks offering violence-as-a-service. Despite some successful law enforcement operations, like Operation Cronos and Operation Endgame, which disrupted major ransomware groups and arrested affiliates, the problem persists.
Read the full story on Wired.
What’s the lesson here?
Ransomware gangs often operate like startups, with recruitment and 24/7 support for their software, making them resilient to disruptions. If your organization falls victim to a ransomware attack, maintaining a secure backup of your business-critical data will ensure that you can recover quickly while mitigating the risk of downtime.
What other topics are trending?
- Security bug allows anyone to spoof Microsoft employee emails: The bug, discovered by a researcher and shared on X (formerly Twitter), will allow for more sophisticated phishing attempts—adding to Microsoft’s long list of recent security problems.
- Hybrid work is the leading cause of the uptick in network security threats: Research from Daisy Corporate Services shows that 85% of UK organizations surveyed regard remote and hybrid working environments as the biggest contributor to heightened threat levels.
- Change Healthcare lists the medical data stolen in ransomware attack: The 6TB data breach, which occurred against the payment exchange platform in February, included health insurance information, billing information, personal information like Social Security numbers, and more.
The Soapbox: Online conversations you can’t afford to miss
Featuring insights from our Co-Founder & CTO, James Ciesielski.
2024 Tech Industry Layoffs Approach the 100K Mark
James’ take: “Change is inevitable—but how you deal with that change is what truly speaks to the strength of your organization. When someone leaves, how is their knowledge maintained? Does it live within people’s heads or are you sharing it amongst your team? Building resilience against the backdrop of a volatile economic landscape is key to maintaining your company’s culture moving your business forward.”
Join the conversation on Reddit.
What are you doing about deepfake security awareness?
James’ take: Rewind is a hybrid company, which means that we often come up against the issue of how to authenticate our employees who are working abroad. Something as simple as a request for help can lead to a flurry of checks and balances, starting with a Slack message and leading to a phone call or video conversation where we need to ask a personal question to ensure the person is who they say they are. AI has made it so extra defenses are necessary; it’s not enough to rely on someone’s voice or even their virtual presence for identity verification anymore. We’re not perfect, but we’re strengthening the muscle, and that’s enough for now. I encourage other orgs to bake deepfake security awareness into their company culture; eventually, it will become second nature—which is exactly what cybercriminals don’t want.
Join the conversation on Reddit.
Subscribe to Retro for more!
Like what you just read? Subscribe to Retro so you don’t miss any of our industry’s top stories and conversations.
Miriam Saslove">
