The war on ransomware continues to escalate.
The year 2020 was historic for the global COVID-19 pandemic. Last year was also the worst year ever when it came to malicious software attacks on companies, governments, and organizations, including the SolarWinds hack, which recent HIPAA Critical podcast guest Greg Reber called “the biggest information breach that we’ve ever seen.”
The year 2021, it seems, is on track to be even worse.
A united federal front
In the past few months, the U.S. government has massively stepped up its efforts to combat ransomware, enlisting a wide range of federal agencies.
In April, the Ransomware and Digital Extortion Task Force was formed, bringing together FBI agents and Justice Department prosecutors to coordinate the U.S. response to ransom attacks.
The Department of Homeland Security (DHS), meanwhile, launched a multi-phase cybersecurity initiative, with one of the first 60-day sprints dedicated to ransomware.
Even the largely independent National Institute of Standards and Technology (NIST) launched an information campaign against ransomware.
A ransomware epidemic
Ransomware attacks have had a massive impact on the American economy, and even on everyday citizens.
A major American oil pipeline was knocked offline by ransomware in May, constraining the fuel supply across the southeast U.S. and prompting record-high gas prices. Soon thereafter, ransomware took out the world’s largest meat supplier, disrupting food processing and distribution nationwide.
And just last week, New York City officials revealed that the city's public transit authority had been hacked, marking the third known cyberattack on U.S. transportation infrastructure.
Indeed, as the worst criminal actors are often traced back to foreign nations hostile toward the U.S., there are increasing calls for the military to join the fight.
Ransomware on par with terrorism
On Thursday, Reuters exclusively reported that the U.S. Department of Justice has elevated its investigations of ransomware attacks to a level more commonly reserved for terrorism investigations.
According to an internal report, later published in full, the move is designed to enhance and centralize internal tracking at the department so that it can “make necessary connections across national and global cases and investigations, and to allow us to develop a comprehensive picture of the national and economic security threats we face.”
The types of cases now subject to this reporting requirement include anti-virus countermeasures, black market forums or marketplaces, cryptocurrency exchanges, decentralized hosting services, botnets, and money laundering services.
The report specifically cited the Colonial Pipeline hack as an example of the “growing threat that ransomware and digital extortion pose to the nation.”
White House sounds the alarm
That same day, the White House issued an open letter to U.S. businesses, urging them to prioritize their cybersecurity efforts.
“Much as our homes have locks and alarm systems and our office buildings have guards and security to meet the threat of theft, we urge you to take ransomware crime seriously and ensure your corporate cyber defenses match the threat,” wrote deputy national security advisor Anne Neuberger.
She called on corporate leadership teams to “immediately convene” to discuss the ransomware threat and their business continuity plans.
“No company is safe from being targeted by ransomware, regardless of size or location,” she wrote. “Companies that view ransomware as a threat to their core business operations rather than a simple risk of data theft will react and recover more quickly.”
Prevention and preparation are the best defense
Our advice on ransomware from five years ago stands true today: take a proactive approach to avoid having to react to a bad situation already in progress.
Investing in ongoing cybersecurity training is important, but it’s not a silver bullet. It should be part of a layered security approach, which also includes technical safeguards, access controls (like password policies), a business continuity plan, off-site backups, VPNs and firewalls, and perhaps most importantly, email security.
Email security—a necessary protective measure
With our HITRUST CSF certified solution, all emails are encrypted directly from an existing email platform (such as Microsoft 365 and Google Workspace). Neither sender nor recipient needs extra logins, passwords, or portals to read a message.
Paubox Email Suite Plus also comes with ExecProtect, built to block display name spoofing emails from reaching the inbox in the first place. Our Zero Trust Email feature also requires an additional piece of evidence to authenticate every single email before it is delivered to your team’s inboxes.
Spoofing can catch victims off guard, which is why organizations must be proactive with strong security features in place to eliminate future problems.