Ransomware Threats Are Everywhere. Here’s How to Fight Back.

The cyber criminals are winning. After the recent spate of devastating attacks, experts say it’s only going to get worse from here, with hacking tools becoming increasingly available and high ransomware payments enticing more malicious actors and daring them to go after ever bigger targets. Corporations and governments need to act quickly and take concrete steps to counter the rising threat.

The flurry of cyberattacks on critical infrastructure and government computer systems has been unprecedented. Late last year, victims learned of the massive SolarWinds cyberattack that compromised the internal systems of at least 100 private companies and nine government agencies. In the spring, hackers targeted tens of thousands of Microsoft Exchange email clients. And this month, Colonial Pipeline Co. was forced to shut down the biggest fuel pipeline in the U.S. after ransomware group DarkSide’s technology infiltrated their network. Bloomberg News reported the company paid a nearly $5 million extortion payment to regain access to its systems.

For corporations, ransomware — a type of cyberattack in which hackers encrypt data and demand payment before restoring access to the files — has become a big expense. According to Palo Alto Networks, the average payment has nearly tripled so far this year to $850,000 after doubling in 2020. IBM Security X-Force estimates that the hacking group Sodinokibi made more than $123 million in 2020 all by itself. Attackers’ tactics are getting bolder as well. DarkSide has become known for its aggression, from threatening to notify the media and customers to badgering executives on their mobile phones. It’s not surprising that corporations are feeling more vulnerable. According to a recent survey by security firm Proofpoint, 64% of 1,400 chief information security officers felt their organization is at risk of a material cyberattack over the next year.