[ALERT] Time to Truly Reckon with the Dark Reality of Ransomware’s Critical Costs



Ransomware Attack US Pipeline SystemBy now, I’m sure you’ve already been inundated with all the news about the US’s largest gasoline pipeline being shut down and restarted because of a ransomware attack. As reported by the New York Times, “One of the nation’s largest pipelines, which carries refined gasoline and jet fuel from Texas up the East Coast to New York, was forced to shut down after being hit by ransomware in a vivid demonstration of the vulnerability of energy infrastructure to cyberattacks.”

This is one of the very scenarios that cybersecurity experts have warned about for years: that a cyberattack would impact a significant piece of critical infrastructure. This is our new reality… and it’s time for a reckoning.

A few details

I think that the reality of this attack really hit me this morning when I noticed the stock widget on my phone; the two top stories had to do with the economic impact of the pipeline attack. Then, about 30 minutes after seeing these headlines, a coworker mentioned that she was looking at airline flights last week. Then she went to book her flight today and the price was three times as high.

Source: Yahoo! Finance

Earlier today, the FBI attributed the attack to the DarkSide cybercriminal gang. As reported by CBS, “DarkSide is among ransomware gangs that have "professionalized" a criminal industry that has cost Western nations tens of billions of dollars in losses in the past three years.

DarkSide claims it doesn't attack hospitals and nursing homes, educational or government targets and that it donates a portion of its take to charity.”

Cybersecurity vendor Varonis also notes that,

“[t]he Darkside ransomware group announced their RaaS (Ransomware-as-a-Service) in August of 2020 via a ‘press release.’ Since then, they have become known for their professional operations and large ransoms. They provide web chat support to victims, build intricate data leak storage systems with redundancy, and perform financial analysis of victims prior to attacking.

The group’s name, Darkside, evokes the image of a good guy (or gal) that has turned from the light. While we can’t conclude that the group is comprised of former IT security professionals, their attacks reveal a deep knowledge of their victims’ infrastructure, security technologies, and weaknesses.

They have publicly stated that they prefer not to attack hospitals, schools, non-profits, and governments, but rather big organizations that can afford to pay large ransoms.”

The Time for Reckoning Has Come

There are a few things here that we can’t afford to ignore or be ignorant of.

  1. Ransomware is on the rise… again. And ransomware gangs are getting more creative – and destructive – than ever before.
  2. Phishing is often the initial infection vector for ransomware. That means that you can’t afford to ignore your human layer security.
  3. Ransomware can cripple a business, damage an economy, or potentially threaten life.
  4. Even paying the ransom doesn’t mean everything will be OK. You still have to deal with downtime, loss of revenue, negative press, and more. And you probably won’t even get your data back. As Sophos’, “The State of Ransomware in 2021” points out, only about 8% of ransomware victims get their data back. That is a sobering and devastating reality check.

RanSim

Free downloadable software tool

Threat actors are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?

RanSim gives you a quick look at the effectiveness of your existing network protection. RanSim will test 24 ransomware infection scenarios and 1 cryptomining infection scenario and show you if a workstation is vulnerable.

RansIm-Monitor3Here's how it works:

  • 100% harmless simulation of real ransomware and cryptomining infections
  • Does not use any of your own files
  • Tests 25 types of infection scenarios
  • Just download the installer and run it
  • Results in a few minutes!

Get RanSim!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

https://www.knowbe4.com/ransim

Topics: Ransomware



Subscribe to Our Blog


Comprehensive Anti-Phishing Guide




Get the latest about social engineering

Subscribe to CyberheistNews