In the double extortion strategy, cybercriminals first exfiltrate sensitive data from the victim’s servers and then encrypt the data, making it inaccessible. They then demand a ransom for both the decryption key and the assurance that they will not release the stolen data publicly. This places immense pressure on the targeted companies, leaving them with little choice but to meet the hackers’ demands. Unfortunately, there is no guarantee that the data will be returned or deleted once the ransom is paid.
One striking revelation from the CyberOwl study is the connection between the rise in ransomware attacks and Russia. Researchers and analysts involved in the survey have suggested that the surge in activity and the resulting revenue may be linked to Russia’s invasion of Ukraine. It’s hypothesized that the funds generated through ransom payments to cybercriminals could indirectly support the war efforts, inadvertently contributing to the conflict.
In alignment with these findings, a separate study by U.S.-based ransomware specialist Coveware found that 34% of ransomware victims paid various criminal groups in the second quarter of 2023. This indicates that the willingness to pay ransoms is a global issue affecting a broad spectrum of industries.
To mitigate the risks associated with file-encrypting malware and ransomware, companies in the maritime sector, as well as across other industries, should adopt a proactive approach.
Here are some essential measures to consider:
1.) Regular Data Backups: Maintain a consistent backup strategy, ensuring data can be restored in the event of a ransomware attack.
2.) Automated Threat Monitoring: Implement automated systems for detecting and responding to security threats in real time.
3.) Retention Policies: Establish data retention and deletion policies to minimize the amount of valuable data accessible to cybercriminals.
4.) Incident Response Teams: Develop and train incident response teams to swiftly address security incidents and minimize potential damage.
As the ransomware threat continues to evolve and grow, it is imperative that companies remain vigilant and prepared to safeguard their data, financial assets, and reputation from these insidious cyber threats. Paying ransoms may offer a short-term solution, but it perpetuates the cycle of criminal activity, making it crucial for organizations to invest in robust cybersecurity practices and risk mitigation strategies.