In January, we published the Ransomware Pandemic, a report discussing the ever-evolving threat of ransomware and the growing devastation disseminated by these malicious malware strains. The report discussed the future forecast for ransomware and how we imagined the threat would progress in the immediate future. Just six months later, these predictions have already become a reality. In this part of our discussion about the ransomware pandemic, we shall examine these developments and discuss exactly how we, as a community, can begin to confront this ongoing struggle.
Six Months of Chaos
Since the beginning of 2021, ransomware has dominated headlines across the globe. We have witnessed some of the most significant ransomware attacks the world has ever seen—events that have already changed the landscape, evidenced in the way world leaders are responding to these attacks, altering policies and beginning to consider real-world responses.
It is now estimated that worldwide, the cost of ransomware attacks will exceed $265 billion in the next decade, spiralling out of control by 2031 if a solution is not identified. Health care has continued to be a high-value target in these attacks, with significant breaches against Ireland’s department of health and a major attack against New Zealand’s health care system so far this year, both attributed to ransomware. These compromises led to the cancellation of major surgeries and appointments, causing disruption and backlogs in a sector already under a phenomenal amount of pressure.
In May 2021, cyberinsurance giant AXA was hit by a controversial attack, just one week after announcing that they would no longer be covering ransom payments in their cyberinsurance policies. In June 2021 JBS USA Holdings Inc., the world’s largest meat supplier, met an $11 million ransom demand after their systems were compromised, with the CEO stating, “It was very painful to pay the criminals, but we did the right thing for our customers.”
Another sector that has taken a huge hit in 2021 is critical infrastructure. The attack against U.S. fuel supplier Colonial Pipeline in May this year attracted arguably the most public attention the cybersecurity community…