I think it’s wise for businesses to keep their mouths closed (as long as the law allows) when it comes to ransom payments. I commend JBS for keeping its cards close to its chest. After all, why tell every other cybercriminal that you will pay to get out of trouble?
The attack on JBS was the second most serious attack on critical US infrastructure in recent weeks. In early May, the Colonial Pipeline, the largest fuel pipeline in the United States, was forced to shut down temporarily after being victimized by a ransomware attack.
After learning of the ransomware attack on May 7, Colonial immediately took the pipeline system offline and did everything it could to restart it quickly and safely before deciding to pay a ransom to a group of hackers known as DarkSide, which is believed to operate from Russia.
Colonial Pipeline CEO Joseph Blount confirmed to The Wall Street Journal that the company paid the hackers a ransom of US $4.4 million. He said he approved the payment because executives did not know how badly the attack had damaged Colonial’s systems or how long it would take to restore the pipeline to operation. He described it as a “very controversial decision” that he did not take “lightly” but believed was “right for the country.”
Was that the right thing to do for the country? Yes, in terms of minimizing imminent damage to the US economy, but in the long run, I’m not sure.
Blount’s official statement may have been necessary given the high-profile nature of the event and its systemic impact on the U.S. economy, causing rising gas prices, fuel shortages and panic buying. But it gives hackers all the incentive they need to keep attacking critical infrastructure around the world, knowing that giants pay huge ransoms. Because … “That’s right for the country.”
Obviously, whether or not to pay a ransom is by no means an easy decision. In May, commercial insurance giant CNA was reported to have paid US $40 million in ransom after a “sophisticated” cyberattack. News of the payment, larger than any previously disclosed ransom paid to hackers, was leaked by sources requesting anonymity because they were not authorized to discuss the matter publicly.
CNA spokesman Cara McCall made the following comment: “CNA has not commented on ransom. In handling this issue, CNA has followed all laws, regulations, and published guidance, including OFAC’s 2020 Ransomware Guidance.”
The problem with these ransom payments being made public, and likely the reason CNA would prefer to keep its large payment private, is that it hands cybercriminals around the world important information on a plate. They know who is likely to pay, the motivation for paying, and how much money they can demand. And the concern for cyber insurers is that the demands will keep growing … and growing.
This exacerbates the already out-of-control problem with cyber insurance, and insurers are responding to the ransomware epidemic by reducing capacity and increasing rates by more than 100% in some jurisdictions.
Of course, there are many actions and controls companies can take to minimize cyber risk and reduce their exposure to ransomware attacks. But judging by the high-profile nature of some of these recent events, perhaps one of the most important mitigating factors in the fight against ransomware is for businesses to play their cards close to their chest.