Phish of the Week: Should we ban ransomware payments?
We’ve experienced a surge in ransomware, and we are getting attacked on all fronts: our oil, our burgers, hotdogs, our ferries, and our cities. One possible reason for this surge in attacks is cyber insurance policies.
Like any of us in our own businesses, attackers also have goals and motives, and one of their biggest goals is commercial gain. The rise in ransomware payments by organizations is creating a direct line of sight to that commercial gain for threat actors. These payments are often underwritten by cyber insurance policies, and an increase in security risk insurance may actually contribute to the overall problem.
Many critics argue that by paying the ransom requested, we are, in effect, encouraging and actively contributing to these attacks. The more we pay, the more these attacks happen, the higher the premium, the more the payments and the cycle continues.
The federal government is considering a phased proposal to ban ransomware payments in an effort to disincentivize threat actors. While such a ban would help in many ways, the implications are significant if it does go into effect.
We’re curious to hear from you. What do you think?
Should ransomware payments be banned? Or should organizations pay out ransoms in an effort to maintain business continuity?
Share your thoughts with us in a short poll here.
“If you are not taking steps – today, right now – to understand how you can make your company more resilient, what is your plan?” Monaco said in a nine-minute interview addressed to the nation’s business leaders.
Deputy Attorney General Lisa Monaco tells CEOs to prepare for ransomware attacks. Want to learn more about how to prevent advanced ransomware attacks?
Check out our infographic guide to get quick tips.
This detailed infographic highlights:
- The business impact of ransomware — the fastest-growing type of cybercrime
- Six ransomware trends for 2021 — including threat actors hiring in open marketplaces and the rise of third-party brokers to negotiate ransoms
- Best practices for addressing ransomware — before, during and after an attack
- A security checklist — four key areas to look for in a solution that protects against ransomware attacks
Remote work makes employees and employers more susceptible to cyberattacks, phishing emails, and ransomware campaigns.
“As the lines between work and home have blurred, security risks have soared, and everyday actions such as opening an attachment can have serious consequences. Without all of the pre-pandemic sources of visibility of devices, and how they are being used and by who, IT and security teams are working with clouded vision,” states Joanna Burkey, Chief Information Security Officer (CISO), HP Inc.
As we move toward a hybrid work environment, human awareness is no longer (or actually, has never been) enough. What we need is the correct type of security program to fill any security gap.
Close the phishing gap, enhance signals, and improve incident response times, all with Area 1’s Autonomous Phish SOC. View the solution brief here.
Watch the highly awaited webinar Ransomware Threat Briefing: SolarWinds, Colonial Pipeline and More with Area 1 Security co-founder Oren Falkowitz to learn:
- In-depth analysis of the latest attacks on SolarWinds, the Colonial Pipeline, and more
- The role phishing plays in ransomware attacks
- How Area 1 discovers, detects, and prevents attacks early in the cycle before they become large-scale campaigns
- How Area 1 gives you a critical time advantage – approximately 24 days ahead of industry benchmarks – to stop these attacks