Cyber Defense Confidence Ebbs as Ransomware Attacks Multiply

Despite Washington’s recent efforts to expand cybersecurity rules and disrupt hacking gangs, ransomware continues to spread and officials have expressed concerns about their companies’ ability to address the threat.

Cybersecurity experts say the number of ransomware attacks against US businesses continues to rise this year, while some lawmakers have warned that the government has limited visibility into such hacks. Companies rapidly digitizing their operations during the pandemic are spending more time and effort navigating the rapidly changing and treacherous ransomware landscape.

Nearly 19% of cyberthreat executives are highly confident in their organization’s ability to understand and respond to cyber threats, according to a survey of more than 660 individuals published Thursday by Marsh, the insurance broking business of Marsh & McLennan, and Microsoft Corp.

Thomas Reagan, cyber risk practice leader for the US and Canada at Marsh, said, “This shows that, despite the significant amount of time and energy and resources that organizations are spending on cyber, the risk environment continues to evolve and expand to overtake or get on top of it. It’s difficult.”

Verizon Communications Inc.’s annual data breach investigation report, published last week, found that ransomware involvement in data breaches rose 13% during the past year, more than the combined increase over the past five years.

Verizon’s chief revenue officer Soumyanarayan Sampath said many of the attacks remained relatively unsophisticated and relied largely on human error rather than technology prowess.

“It’s not James Bond stuff,” he said.

The pandemic has prompted many companies to re-establish their security postures to protect employees working remotely and outside of traditional corporate cybersecurity. That change, coupled with an increase in criminal operations using ransomware, contributed to a sharp increase in such attacks during the pandemic.

Criminal groups demand millions of dollars in ransom to unlock some companies’ data, causing disruption at critical infrastructure operators such as Colonial Pipeline Company and meatpacker JBS Foods SA last spring. A flurry of incidents prompted Federal Bureau of Investigation director Christopher Wray last year to compare the challenge posed by ransomware to the terrorist attacks of September 11, 2001.

Researchers at security firm Sophos Inc. say that as ransomware has become more common, hackers are increasingly specializing in specific tasks such as accessing computer systems or deploying malware in order to work more efficiently.

Patrick Gaul, executive director of the National Technology Security Coalition, an advocacy group for chief information security officers, said the result is that corporate security teams are “facing more attacks that develop at an accelerated rate,” leading to employee burnout and resignations.

Washington has tried to meet the threat by collaborating more with corporate security teams and unveiling a menu of more aggressive standards for the public and private sectors.

Regulators issued first-of-its-kind cyber rules for oil and gas pipelines, lawmakers passed new rules for critical-infrastructure firms to report breaches, and the Justice Department and other agencies have intensified their efforts to disrupt criminal groups abroad. The Cybersecurity and Infrastructure Security Agency, or CISA, announced last week that it was setting up a task force on ransomware.

According to a report from the Senate Homeland Security Committee last week, the government is aware of only one-quarter of such incidents due to underreporting by companies and disclosures spread across various federal agencies.

The report found that a lack of visibility blunts efforts to assist victims and obscures the full economic impact of ransomware attacks.

According to Chainalysis Inc., victims sent at least $692 million in cryptocurrency to virtual wallets affiliated with such hackers in 2020. $602 million—likely to exceed the amount in 2020 as more digital ransoms are discovered over time.

A top cybersecurity official in the Biden administration has said that attacks have slowed in recent months during Russia’s invasion of Ukraine.

Speaking at the Cyber Initiatives Group’s Spring Summit this month, National Security Agency cybersecurity director Rob Joyce said repeated warnings by CISA helped businesses shore up their defenses against potential hacks. The sanctions imposed on Russia, where researchers believe many ransomware gangs operate, have made it harder for criminals to capitalize on successful attacks, he said.

But cyber security experts don’t see this as a time to be less cautious.

“If anyone thinks that ransomware attacks are decreasing or going away, I would say that assumption is absurd,” said Errol Weiss, chief security officer of the Center for Health Information Sharing and Analysis, a nonprofit which coordinates safety among health organizations.

The NSA declined to comment. “Ransomware continues to be a threat affecting many organizations,” Eric Goldstein, executive assistant director of cyber security at CISA, said in a statement.

Write to James Rundle at James.rundle@wsj.com, David Uberti at david.uberti@wsj.com and Catherine Stupp at Catherine.Stupp@wsj.com

Copyright © 2022 Dow Jones & Company, Inc. All rights reserved.