Government can avoid the ransomware question with strong cyber policy

[InfoSec News <alerts () infosecnews org>]

https://statescoop.com/corye-douglas-avoid-ransomware-question-strong-cyber-policy/

By Corye Douglas
STATESCOOP
July 30, 2020

As the number of coronavirus cases tops 4.4 million in the U.S., the shift 
to remote work has provided an opportunity for bad actors to more 
successfully conduct various types of cyberattacks, with ransomware 
representing one of the most devastating threats.

Unvetted computers and home networks are now relied upon to connect to an 
organization’s databases and applications. Remote work means fewer 
restrictions on an organization’s employees. At home, distractions can 
drive engagement in risky online behavior, such as clicking on links in 
phishing or spam emails.

The actor behind the Sodinokibi ransomware recently demanded that a 
Brazilian electrical company pay $14 million, using a special webpage to 
chat with their victims. The Mexican Ministry of Economy was asked to pay 
$5 million, while the University of California, San Francisco in June paid 
$1.14 million in ransom, after negotiating from $3 million.

The average ransom has doubled since 2018, while associated expenses like 
the loss of work due to downtime and data loss have shown an increase from 
$46,800 to $283,800, according to one estimate. And with the potential 
impact on consumer trust when people feel an organization is not capable 
of protecting their data, there is no question why organizations are 
paying the ransom: to save their reputations and their finances.

[...]

--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
Follow InfoSec News on Twitter
https://twitter.com/infosecnews_
Follow InfoSec News on LinkedIn
https://www.linkedin.com/company/infosecnews/