An Inside Look At the Battle Against Ransomware Attacks – NBC4 Washington

/in


Ransomware attacks have doubled in each of the past two years, according to a new report from the nonprofit group Identity Theft Resource Center, and the group said hackers demanding payment could become the number one cause of data compromises this year, surpassing phishing schemes.

As witnessed over the past couple of years, it seems no company, government or school is immune to the risk.

“There’s no silver bullet that protects you from everything,” Maryland Chief Information Security Officer Chip Stewart said.

In December, a ransomware attack forced the state’s Department of Health to shut down its website in the middle of the pandemic. It impacted COVID-19 data reporting, hospital operations, even funerals.  

“Systems start malfunctioning, which is how this event was detected,” said Stewart.

He told the I-Team as soon as the threat was discovered emergency plans kicked in and the agency immediately took servers offline to protect the network.

Ransom payment is always part of the discussion. Fortunately, because of the work we’ve done leading up to this, we haven’t had to consider that as a real possibility at this point,” said Stewart.

Attacks like these happen thousands of times each year, said Jen Miller-Osborn, deputy director of threat intelligence for Unit 42 by Palo Alto Networks, a specially trained team of cybersecurity experts who help with ransomware negotiations.

“Ransomware has gone absolutely insane. They’re continuing to expand their tactics and ways that they’re trying to get paid. The best thing to do is not to pay. But there are cases where you have to because otherwise your business is done. It can be a really, really tough situation,” she said. 

Last April, D.C.’s Metropolitan Police Department got hit with an attack. The hackers wanted $4 million. MPD offered $100,000 but ended up paying nothing. Files containing sensitive information on officers and suspects were posted on the dark web.

“It’s definitely a place where criminals hang out. It’s definitely a place that you know these threat actors are leveraging to stay anonymous,” said Ramarcus Baylor, a ransom negotiator for Unit 42 and senior director of incident…

Source…