Holy Smokes! Ransomware may be poised to return as a top scourge for companies, as more and more of them pay up—it's actually their insurance company that makes the payment—after an attack in an effort to minimize the cost of recovery.
In this new RSA Conference 2019 Threatpost video, Josh Zelonis, senior analyst at Forrester Research, discusses the next great security threats to enterprises.
According to Zelonis, a new trend of victims paying off the ransoms could reverse the wane in ransomware attacks that has been seen in the last year or so. Here is a snippet from the interview:
Tara Seals: "Before we kick off our video interview here, you had mentioned that you’ve been seeing a trend of companies actually paying the ransomware when they get hit by an attack. So, I thought that could be a really interesting place to start our conversation if you wanted to tell me a little bit about what you’re seeing there."
Josh Zelonis: "Yeah absolutely. So one of the trends that I’ve been hearing about more and more is that insurance companies are actually starting to pay the ransoms because it’s costing them less than going and doing the remediation, going back to backups, which may or may not even exist. And so a lot of the time the incident response companies are being brought in to broker the transaction with the adversaries themselves in order to ensure that the payment is made and recovery is possible.
Now part of the problem, as you might imagine, is that this creates a market where it becomes more and more profitable to use ransomware as a method of attack against an organization. Primarily the reason why this is such a challenge is that we’ve been seeing ransomware [volume] tapering off in the last number of years, and now that it seems that we’re starting to create a market, I expect that we’ll see that turn around and start increasing again."
Now, many cyber insurance products have included cyber extortion coverage for years now. (Check if your policy does!) And there has been lots of discussion at conventions like Blackhat/Defcon regarding the question "does the purchase of cyber insurance increase the likelihood of an attack?" From the perspective of the individual insurers it is hard to identify a correlation between the two. However, if cyber insurance were to become compulsory (such as workers' comp), or so widespread that practically everyone has it, there would be a ready market created for cybercrime. This is not an easy one to solve.
You can discuss the topic of PAY or NOT PAY Ransomware at KnowBe4's HackBusters Forum.
Yikes. Here is the whole interview.
Ransomware Hostage Rescue Manual
Get the most informative and complete hostage rescue manual on Ransomware. This 20-page manual is packed with actionable info that you need to prevent infections, and what to do when you are hit with malware like this. You also get a Ransomware Attack Response Checklist and Prevention Checklist. You will learn more about:
- What is Ransomware?
- Am I Infected?
- I’m Infected, Now What?
- Protecting Yourself in the Future
Don’t be taken hostage by ransomware. Download your rescue manual now!
Or cut&paste this link in your browser: http://info.knowbe4.com/ransomware-hostage-rescue-manual-0