Search Options
Skip to main content (Press Enter).
Sign In
Skip auxiliary navigation (Press Enter).
Skip main navigation (Press Enter).
Toggle navigation
Search Options
Communities
General Discussion
My Communities
Explore All Communities
Products
Solutions
Services
Developers
Champions Corner
Customer Stories
Insights
Customer Advocacy Program
Badge Challenges
Resources
Resource Library
Hitachi University
Product Documentation
Product Downloads
Partners Portal
How To
Get Started
Earn Points and Badges
FAQs
Start a Discussion
Champions Corner
Blog Viewer
Blogs
The Escalating Cost of Ransomware
By
Hubert Yoshida
posted
07-07-2021 19:57
2
Like
The average cost of a ransomware incident as reported by
Purplesec.us
used to be
2018 – $4,300
2019 – $5,900
2020 – $8,100
This was mostly targeting small businesses.
In 2021 this took a dramatic turn.
On May 7, 2021, a cyberattack on the U.S.’s largest fuel pipeline,
Colonial Pipeline
forced a shutdown that triggered a spike in gas prices and shortages in parts of the Southeast. The operator of the Colonial Pipeline learned it was in trouble at daybreak on May 7, when an employee found a ransom note from hackers on a control-room computer. By that night, the company’s chief executive officer came to a difficult conclusion: He had to pay. He authorized the ransom payment of $4.4 million because executives were unsure how badly the
cyberattack had breached its systems
, and consequently, how long it would take to bring the pipeline back.
On Sunday, May 30, technology staff members at
JBS
,
the largest meat processing company in the world, noticed irregularities with the functioning of some servers. Soon they found a message demanding a ransom to reclaim access to the company’s system. JBS USA Holdings Inc. paid an $11 million ransom to cybercriminals who temporarily knocked out plants that process about one-fifth of the U.S. meat supply. The ransom payment, in bitcoin, was made to shield JBS meat plants from further disruption and to limit the potential impact on restaurants, grocery stores, and farmerds that rely on JBS. Although JBS maintains secondary backups of all its data, which are encrypted, and was able to bring back operations using these backups. JBS’s technology experts cautioned the company that there was no guarantee that the hackers wouldn’t find another way to strike, and JBS’s consultants continued negotiating with the attackers.
On Friday this past weekend, July 2, we suffered the largest Ransomware attack so far. Thousands of companies across all five continents were affected. Initially companies were charged $50,000 to $5 million in exchange for a special key that would allow them to decrypt their data and resume normal operations. Later the group responsible was willing to negotiate for $70 million to restore all the data rather than the drawn-out process of negotiating with each account. The group responsible is suspected by Cybersecurity experts to be the Russia-based hacking group REvil—the same gang that shut down JBS in June and successfully extorted $11 million in ransom.
The reason this hack was so widespread is that they attacked the supply chain for several Managed Service Providers that were supporting many small businesses. It all started with a Miami, Florida-based IT services company called
Kaseya
,
which provides security software for many large-scale cybersecurity contractors, which in turn sell their security services to thousands of businesses worldwide. After hackers breached Kaseya’s servers on Friday (July 2), they were able to quickly leap into at least 40 cybersecurity contractors’ systems. Since, the contractors trusted their supply chain supplier, Kaseya, they installed the updates from Kaseya that contained the hack. Their customers them installed the hack into their systems and were infected. The timing, which was before a three-day, 4
th
of July holiday in the US meant that many of the end users did not know they were hacked until they tried to start their businesses on Tuesday. It also took advantage of the practice for many IT departments to install system updates on long weekends to minimize the disruption to their users.
Most of the affected companies were in the US, but the cyberattack spread to other countries such as New Zealand and the UK. Swedish grocery chain Coop was forced to close 800 supermarkets when the hack knocked out its cash registers on Saturday July3. The Coop was able to reopen many of its stores by asking customers to use a “scan & pay” app on their smartphones to pay for their groceries.
Now that the Gang has negotiated for a $70 million ransom, no word has been received as to whether that ransom will be paid. Law enforcement agencies and cybersecurity experts warn that the multi-million-dollar ransom payments have encouraged the hacking gangs’ growth and incentivized more criminals to enter the field seeking big scores. In just a few months we have seen ransoms jump from $4.4 million to $11 million, and now to $70 million. While the larger ransoms are demanded from large companies in the critical infrastructure, a supply chain hack like the one that hit Kaseya could cost 100’s of millions if it is spread across thousands of smaller companies.
Even though some companies can recover using backups, the recovery costs could vastly exceed the cost of the ransom. And in the case of JBS, even when they recovered, they still paid the ransom just in case. Although some insurance companies provide ransom protection, I don’t know how they can update the actuarial tables to keep up with the escalating ransom costs.
Ransomware has become a national threat that ranks up there with the COVID crisis. Cyber security has to be our number one priority.
#Hu'sPlace
#Blog
1 comment
7 views
Related Content
Ransomware Insurance: Good or Bad?
Hubert Yoshida
Added 07-14-2021
Blog Entry
The SolarWinds Hack
Hubert Yoshida
Added 03-05-2021
Blog Entry
Ransomware Temporarily Disrupted – But More Action is Required
Hubert Yoshida
Added 05-18-2021
Blog Entry
Cyber Security is Everyone’s Responsibility
Hubert Yoshida
Added 06-02-2021
Blog Entry
Object Storage: Your Primary Defense Against Ransomware Attacks.
Hubert Yoshida
Added 06-26-2019
Blog Entry
Permalink
Comments
Chayan Sarkar
05-04-2022 11:48
Good read
© Hitachi Vantara LLC 2023. All Rights Reserved.
Powered by Higher Logic