Ransomware continues to be a growing threat in 2021, with the average ransom payment nearly tripling from 2019 to 2020. According to Jen Miller-Osborn, deputy director of threat intelligence for Unit 42 at Palo Alto Networks, the highest ransom payment doubled from $5 million to $10 million during the same period. With attackers gaining more money, ransomware has become increasingly popular in the criminal sector.
Over the last decade, ransomware has evolved significantly. Michael Daniel, president and CEO at the Cyber Threat Alliance, noted that ransomware attacks are no longer limited to individual computers with small ransom amounts. In 2021, the average ransom has surpassed $300,000, with critical infrastructure like school systems, hospitals, and the energy grid being targeted.
The complexity of ransomware attacks poses challenges for limiting the risk and shutting down attackers. Phil Reiner, CEO of the Institute for Security and Technology and Ransomware Task Force, emphasized the need for a coordinated effort across public and private sectors to address the growing threat. He described ransomware as a “plague” that requires senior-level interest and prioritization to combat effectively.
To combat ransomware effectively, a comprehensive approach is necessary. Disrupting the cryptocurrency element of ransomware is crucial, as it enables payments that the normal financial system cannot track or block. Daniel highlighted the need to address this aspect of the ecosystem to prevent ransomware attacks.
Additionally, increasing pressure through law enforcement actions and economic sanctions can help deter ransomware attackers. By dismantling ransomware infrastructure, networks, and payment operations, and holding perpetrators accountable with arrests and jail time, the panelists believe that behavior can be changed.
Ultimately, the fight against ransomware requires a multifaceted approach that involves collaboration across various sectors and global regions. By taking proactive measures and implementing coordinated strategies, the impact of ransomware attacks can be mitigated, making cyberspace safer for everyone.