Ransomware Attacks: To Pay Or Not To Pay? | WABNEWS

The largest cyber ransomware attack (pay ransom) of 2021 has fueled the debate among politicians, cybersecurity experts and corporate leaders over whether a strategy should be put in place to ban companies from remunerating hackers to counter more threats. Businesses and other organizations targeted have to choose between paying a ransom to regain control of their computer networks or refuse and lose irreplaceable data and the ability to resume operations. With pressure mounting on the administration to find ways to contain the threat, President Joe Biden met Wednesday with top national security officials and other experts to discuss new tactics and policies. White House press secretary Jen Psaki later told reporters that officials updated Biden on his efforts to combat ransomware, adding that the president “reserves the right to respond against any ransomware network and those who protect them ”. The attack on the weekend of July 4 was directed against software provider Kaseya and more than 1,000 of its customers around the world. Several intrusions similar to those attributed to criminal groups believed to be operating from Russia followed. REvil, a Russian-speaking gang of hackers blamed for the attack on the meat processor JBS in the US in June, claimed responsibility for the weekend’s attack and said it had infected more than a million “systems ”. The group is demanding a ransom of $ 70 million in cryptocurrencies in exchange for a “universal” key that frees the affected machines. The payment would be the biggest ever made, according to cybersecurity firm Recorded Future. A dire situation While cybersecurity experts say it is highly unlikely that affected companies, from Swedish markets to New Zealand kindergartens, will come together to pay the ransom, the incident illustrates the problem often faced by victims of attacks. ransomware. “No company wants to find themselves in that situation, where they have to choose between staying open and continuing to operate at the cost of funding criminals,” said Philip Reiner, executive director of the Institute for Security and Technology. FBI Director Christopher Wray says that companies and organizations victims of ransomware attacks should not pay hackers to release their data, but go to the authorities immediately. US recovers ransom paid to Russian hackers for pipeline attack The Justice Department said it was able to recover close to than 80% of the money paid by Colonial Pipeline to hackers. Ransomware attacks have increased in the last two years, driven by the proliferation of cryptocurrencies, which allow pseudo-anonymous payments and a business model that attracts even less sophisticated criminals. However , with attacks on critical services such as hospitals and schools, the authorities of the United States and other countries or Westerners are viewing them as threats to national security. To pay or not to pay? One of the toughest issues for officials is whether companies and other organizations should be prohibited from paying ransomware ransoms. Those in favor of this measure argue that since the attacks are motivated by reward, removing the economic incentive will put criminals out of business. Opponents say banning the payments would hurt companies’ efforts to try to restore operations. According to Anne Neuberger, deputy national security adviser for cyber and emerging technology, “it is a difficult decision” that must be studied “very carefully” to anticipate its effects. He also said that America’s critical infrastructure is largely owned and operated by the private sector, limiting the government’s ability to make business decisions, such as paying ransoms. Instead, he added, the government is looking at incentives it can offer to organizations so they don’t have to pay a ransom. At the same time, the administration is reviewing its policy on the secrecy of ransomware payments. Since many victims secretly negotiate with attackers, the scope of many ransomware attacks is unknown, Neuberger said. On the other hand, some members of Congress are pushing for laws that require companies to notify the government of intrusions and to report all ransom payments. “We need more transparency” on this issue, Democratic Senator Mark Warner, chairman of the Senate Intelligence Committee, told NBC last month. Connect with the WABNEWS! Subscribe to our YouTube channel and activate notifications , or, follow us on social networks: Facebook, Twitter

and Instagram.