Bad cyber actors are increasingly becoming organized criminals with well-structured techniques. This, and globalization, has made the fight against cybercrime more challenging than ever before.
We are seeing an emergence of more and more nation-state cyber-terrorist groups targeting infrastructure from specific countries. Typically, they hack several organizations simultaneously and then demand very high ransoms. Hundreds of millions of cash in untraceable cryptocurrencies have been routed into these cyber-criminal terrorist gangs. Watch this short video to learn more on how to stop bad cyber actors:
Why Can't Host Nations Stop These Cyber Terrorist Groups?
The answer is simple — they have no incentives to go after these crooks. And reasonably so—why would they trouble themselves going after cyber attackers who only target foreign companies when nobody is paying them to do so? Besides, the proceeds from these attacks usually go back to the home nations. So, even if the host countries don't shout it loud from the top of the mountains, they benefit from the hacks in one way or another.
Therefore, the onus is on us to prevent these attacks. We must take a stand against global cyber-terrorism by investing in better infrastructure and implementing reliable intrusion detection and prevention mechanisms. Investing in these items will keep money out of terrorists' hands and put it back into our economy.
Why Is It Difficult To Trace The Ransom Paid To Global Cybercriminals?
Cybersecurity Ventures predicts that the global ransomware rates will jump to one per 11 seconds, with mitigation costs skyrocketing to over $20 billion by the end of this year. According to Sophos, U.S. organizations pay an average ransom of $170,104 and incur ransomware mitigation costs of approximately $1.85 million per attack.
It's pretty clear from these figures that cybercrime is quite a lucrative venture. U.S. businesses and organizations lose billions of dollars to bad cyber actors every year. The question is—why can't the federal government trace these ransoms and bring the criminals to book?
Well, there have been efforts by both local and federal cybersecurity agencies to track these terrorists and recover ransoms. Just last month, Deputy Attorney - General Lisa Monaco - confirmed the recovery of over $4.4 million that had been paid to hackers who took down the Colonial Pipeline's systems.
While recovery efforts are not a new thing, most of them are usually not successful. That's because cyber criminals exclusively accept payments in cryptocurrencies which are almost impossible to trace. Again, hackers operate in the chaotic dark web where sites continuously rewrite their addresses, making it challenging to track them.
How To Keep Your Organization's Systems Safe
First, you have to assume that you are the next target. Nobody is safe. So, whatever cybersecurity measure you have, ensure that it's effective and up-to-date. While there's no protocol or IT support team that guarantees surefire protection against hacks and breaches, the buck stops with the basics:
- Have strong passwords with a solid expiration protocol: Passwords are the most important and most vulnerable way of protecting your systems. Ensure that they are not only strong but also changed regularly. You should also have contingency measures like multifactor authentication and single-sign-on for scenarios where bad cyber actors steal your passcodes.
- Regularly assess your network: Sometimes, cyberattackers lay dormant in your systems for some time before launching an onslaught. They take this time to learn your systems, communication patterns, vulnerabilities, and how best to attack you. If you conduct regular assessments, you can identify the threats in your system early enough before they aggravate into severe breaches.
- Deploy effective intrusion detection and prevention mechanisms: Even as you invest in keeping cybercriminals off your system, you cannot overlook the possibility of an intrusion. The earlier you identify intrusion attempts, the better.
- Train your staff on cybersecurity: With several global cyber terror groups emerging by the day, your best shot at preventing hacks is to have cyber security-conscious employees. Regularly train them on the emerging threats, how to identify and prevent them, and fast-response protocols in a breach.
- Maintain offline backups: Cyber attackers rely on confusion and urgency to coax their victims into paying ransoms. With your data encrypted, you might be tempted to pay ransom to resume normal operations. However, if you have offline backs of your critical files, you can sustain basic operations as you negotiate with the hacker or recover the data.
Should You Pay Ransom To Global Cyber Terrorists?
The issue of whether or not you should pay a ransom is a controversial one. One faction argues that no amount of money can salvage an organization's reputation or match the value of its data. The other argues that paying a ransom is like appreciating cyberattackers and encouraging them to launch more attacks.
If you have a good backup plan you shouldn’t need to pay the ransom. Enlist a cybersecurity focused IT company to ensure proper backups are in place to save your organization from debilitating ransomware payments.
LeadingIT offers 24/7, all-inclusive, fast, and friendly technology and cybersecurity support for nonprofits, manufacturers, schools, accounting firms, religious organizations, government, and law offices with 10-200 employees across the Chicagoland area.