Colonial Pipeline ransom seizure is a win, but don’t relax yet
Wednesday, June 9, 2021
The security community is enthusiastic about the US authorities’ recovery of a significant part of the Colonial Pipeline ransomware payment, but this positivity should perhaps be somewhat tempered.
Don’t stop me now
ImmuniWeb founder Ilia Kolochenko, who is also a member of Europol’s data protection experts network, agreed that the seizure sent a clear message that the authorities have reached the end of their “tolerance” for ransomware attacks, but said it was important to back up this action with more funding and support, rather than just accepting the win.
“The DoJ will certainly need more funding to gradually expand its cyber crime prosecution unit and foster interagency collaboration,” he said. “Moreover, international cooperation is essential to curb surging ransomware attacks, including a baseline cooperation with traditionally hostile jurisdictions. Otherwise, even though uncovered, the perpetrators will likely enjoy impunity due to missing extradition treaties with foreign jurisdictions.”
The seizure also needs to be backed up with more attention from governments – not just the US government – to support businesses in establishing continuous, risk-based and process-driven cyber security programmes – based on standards such as ISO 27001 – to mitigate the risk of falling victim to a ransomware hit.
“Most ransomware victims of all sizes neglect even the basics of data protection, eventually becoming low-hanging fruit for unscrupulous cyber criminals,” said Kolochenko. “Therefore, merely prosecuting the criminals with more force will not help without first enhancing national cyber security awareness and preparedness.” Read Full Article
IT PRO: DoJ recovers 'majority' of ransom paid by Colonial Pipeline
CPO Magazine: Russian Darknet Market Hydra Records 624% Growth in Three Years, Accounts for 75% Of Illegal Transactions