In the past five years, ransomware attacks have evolved from rare misfortunes into common and disruptive threats. Hijacking the information technology systems of organisations and forcing them to pay a ransom in order to reclaim them, cybercriminals are freely extorting millions of pounds from companies – and they are enjoying a remarkably low risk of arrest as they do it.
At the moment, there is no coordinated response to ransomware attacks, despite their ever-increasing prevalence and severity. Instead, states’ intelligence services respond to cybercriminals on an ad-hoc basis, while cyber-insurance firms recommend their clients simply pay off the criminal gangs that extort them.
Neither of these strategies is sustainable. Instead, organisations need to redouble their cybersecurity efforts to stymie the flow of cash from blackmailed businesses to cybercriminal gangs. Failure to act means that cybercriminals will continue investing their growing loot in ransomware…