Ransomware Attacks: Why Case Studies Provide Rare Learning Opportunities

The United States suffered a staggering 421.5 million ransomware attempts in 2021, a 98% increase from 2020. Those figures come from United States Senate Committee on Homeland Security and Governmental Affairs staff report titled “America’s Data Held Hostage: Case Studies in Ransomware Attacks on American Companies.”

The report details three companies’ experiences responding to attacks by Russia-based ransomware group REvil. The companies varied in size and industry but their previously established incident response plans in place helped mitigate the damage from the attacks.  However, the companies reported receiving little assistance from the Federal Government, highlighting the need for change at the federal level to better combat future attacks.

The report provides a comprehensive overview of ransomware’s state of play but the three case studies on anonymous companies’ reactions to ransomware attacks provides the freshest insight. The companies ranged from a Fortune 500 company with over 100,000 employees to a technology firm with approximately 50 employees.  Each had an incident response plan and various cybersecurity measures in place that helped mitigate the effects but to different levels of success.  Offline backups were uniformly hailed as one of the best defense measures each had in place to keep their company running while addressing the attacks but they all acknowledged at the attacks’ conclusions that they needed to address gaps in their plans and security that the attacks uncovered.

One of the companies did not need the government’s help responding to the ransomware attack but the two others reported little help from the government despite seeking its assistance.  Not surprisingly, the FBI continues to focus its efforts on its core law enforcement mission by identifying the bad actors and bringing them to justice, rather than proactively protecting and assisting victim companies.

Cybersecurity Incident Reporting: Time for FBI and CISA Reforms?

The Committee made seven recommendations in its report based on its investigation, three of which called for reform in the government:

  1. The Cybersecurity and…