While the US is taking steps to counter ransomware by offering rewards, consolidating resources, and forming task forces, evidence shows that the same threat grows more pertinent in India.
The US Cybersecurity and Infrastructure Security Agency (CISA) is collaborating with tech giants such as Amazon, Google, and Microsoft to fight ransomware and defend cloud computing systems from hackers, according to a report by The Wall Street Journal.
As per CISA, the tech giants are among the firms that have signed on to be a part of the Joint Cyber Defense Collaborative which intends to combine government and private skills and resources to fight hackers.
Why it matters? Ransomware is a programme that hackers use to hold digital information hostage. According to a Datto Inc. report, ransomware remains the most prominent malware threat in the USA with over 4,000 ransomware cases being reported daily. The country also witnessed the biggest global ransomware attack when an American-based IT firm called Kaseya was attacked last month which affected hundreds of businesses. Following this, US President Joe Biden had expressed concerns over the rising number of cyberthreats, including ransomware attacks. According to a cybersecurity firm called SophosLab, India also tops the list of countries most affected by ransomware attacks.
Other measures taken by US to prevent cyberattacks
According to a report by Forbes, the Biden administration announced a slew of measures that is going to be implemented in order to combat cyberattacks in the USA. A few of them are listed below:
- Rewards Programme: As a part of the Justice Department’s Rewards for Justice programme, a reward of up to $10 million is being offered if someone provides any information that leads to the identification or location of anyone who is a part of cyberattacks including ransomware attacks against US critical infrastructure.
- Ransomware Resources: StopRansomware is a new website that consolidates ransomware resources from all federal agencies. It also provides a set of guidelines on how to report on attacks and consolidates the latest ransomware-related alerts and threats from all participating agencies. The website includes resources and contents from CISA, U.S. Secret Service, FBI, National Institute of Standards and Technology, among others.
- Anti-Money Laundering: The Treasury Department’s Financial Crimes Enforcement Network intends to work with technology firms to prevent money laundering and rapid tracing of ransomware proceeds. It has also announced that it plans to host a second FinCEN exchange in August and discuss ways to combat increasingly sophisticated cyber and ransomware attacks.
- Task Force: The White House had set up an interagency task force back in April as per Biden’s directive, and it has made progress in identifying and coordinating action on a range of issues regarding ransomware.
2021 is going to be the year of ransomware: Lt. General (Dr.) Rajesh Pant
Ransomware should be a cause of concern in India as well, according to cybersecurity firms and experts. The findings of a report by cybersecurity firm Checkpoint Research revealed that India faces 213 weekly ransomware attacks per organisation – up by 17 percent since the beginning 2021.
Similar views were reciprocated by Lt. General (Dr.) Rajesh Pant, National Cybersecurity Coordinator, Government of India in his keynote address at an online discussion held by MediaNama in partnership with the CyberPeace Institute on July 28, 2021. Highlighting the challenges that ransomware attacks pose, Pant said that 2020 was the year of phishing whereas 2021 is going to be the year of ransomware.
A few key takeaways on the issue of ransomware from the online discussion:
- There are two types of ransomware: data encryption and data extortion. Data encryption involves paying the ransomware attackers in bitcoins when your data is encrypted in order to obtain its decryption key. Data extortion involves that they take victims’ data and threaten to share it publicly unless a payment is made to them.
- India witnessed a 37% increase in cyber-attacks between November and December 2020, of which ransomware attacks showed the biggest increase. Healthcare was the worst affected which witnessed an increase of 22% in cyber-attacks in the same period.
- Ransomware gangs took advantage of the Covid-19 pandemic and infected hospitals when the hospital staff was least prepared. As a result, critical processes in the healthcare industry slowed down and healthcare workers had to resort to using pen and paper. Checkpoint Researchers have revealed that ransomware strains called Ryuk and REvil have dominated the threat landscape.
- Cyber insurance to cover ransomware is a tricky solution to the problem. It’s a way of financing criminality and contributes to the phenomenon of higher ransom – sometimes criminals may select their target based on the fact that victims have insurance and would be willing to pay the ransom. Thus, creating a vicious circle. Certain countries have also made it illegal to pay the ransom.
- Indian Businesses Top Victims Of Ransomware Attacks, 67% Were Hit: Report
- 37 Incidents Of Ransomware Attacks Reported In India Till June 2017: CERT-In
- WannaCry Ransomware: Few Incidents Reported On Monday, As Many Continue To Be Vulnerable
Have something to add? Subscribe to MediaNama and post your comment