The Department of Justice (DOJ) has declared 2021 the “worst year” for ransomware attacks, but it looks like the title could be in the hands of 2022 very soon.
Despite some rare victories in the war against hackers over the past 12 months – from the government’s seizure of $2.3 million in bitcoin disbursed to the colonial pipeline hackers, to the successful disruption of the infamous REvil gang — the ransomware threat continues to grow. In the past few months alone, we’ve seen threat actors ramp up attacks against public sector organizations, including: hospitals, schoolsand in the case of Costa Rica, whole governments. The private sector is also grappling with an increasing ransomware threat, with attackers claiming some high-profile victims such as AMD, Foxconn and Nvidia.
Enable multi-factor authentication for everything you have. Katie Moussouris, founder of Luta Security
Founders of early stage startups will no doubt find it disturbing to see even well-known organizations fail to protect themselves from ransomware despite their seemingly endless resources, especially since it’s unclear exactly where these companies went wrong.
“It could be a zero day or it could be a failure to implement multi-factor authentication (MFA) or an MFA bypass,” said Brett Callow, threat analyst at Emsisoft, during a panel discussion on the londonbusinessblog.com+ stage at Disrupt 2022. “There is no one-size-fits-all answer, which is what makes this problem so difficult to solve.”