Cybersecurity agencies in the US, UK, and Australia have warned against a “growing wave” of sophisticated ransomware attacks. These attacks pose a significant threat to critical infrastructure and organizations worldwide and will likely keep increasing as long as victims continue to pay.
The agencies released a joint advisory highlighting the dangers of this type of cyberattack, in which hackers take over data and hold it for ransom. That includes targeting victims, ransom negotiations, and selling ransomware as a service to other cyber gangs, a.k.a. ransomware-as-a-service.
Cyber Agencies Unite Efforts
Cybersecurity bodies from the US, UK, and Australia have teamed up to warn against the rising threat of ransomware attacks. The USA’s Federal Bureau of Investigation (FBI), National Security Agency (NSA), and Cybersecurity and Infrastructure Security Agency (CISA) joined forces with the UK’s National Cyber Security Centre (NCSC) and the Australian Cyber Security Centre (ACSC).
Their joint alert says that ransomware gangs have increased their operations and are now targeting key organizations and infrastructure worldwide. And they will continue to do so after seeing that victims are giving in to their demands.
The FBI, NSA, and CISA revealed that cyberattacks targeted 16 critical infrastructure sectors in the US. They include information technology, defense, food and agriculture, industrial systems, and emergency services.
In the UK, authorities fear an attack on healthcare or other vital sectors could have a devastating impact on people’s lives. NCSC Chief Executive Lindy Cameron warned against the consequences, previously stating that cybercriminals posed a real problem because they operate “beyond our borders.”
We expect ransomware will continue to be an attractive route for criminals as long as organisations remain vulnerable and continue to pay.Lindy Cameron, NCSC Chief Executive
In its turn, the ACSC said that ransomware remains the most dangerous cybercrime threat in 2021 due to its financial and disruptive impacts. The agency reported a 15% increase in ransomware-related attacks.
New Ransomware Tactic – Pay Up Or Else…
In similar news, and coincidentally on the same day as the joint advisory release, a ransomware webinar warned against a new type of cybercrime: Pay hackers to stay away. That’s right; hackers are now using this tactic to extort organizations and individuals even before launching the attack.
Sumit Bhatia, director of innovation and policy at Ryerson University’s Rogers Cybersecure Catalyst, made the comments as part of a webinar panel that The Globe and Mail organized. The other members included experts from IBM, the Norton Rose Fulbright law firm, and the DeGroote School of Business.
“They demonstrate [to an organization] their ability to attack but do not actually do so,” Bhatia explained. Instead, threat actors tell victims to pay before launching a full-scale onslaught. They usually target companies without “resources or expertise” to adjust their IT systems in time for an upcoming attack.
The cyber agencies’ joint advice did not only feature warnings. It also mentioned several techniques hackers use to launch attacks and invade networks. they include phishing and scam campaigns, brute force attacks, stolen RDP passwords, and exploiting system vulnerabilities.
To avoid falling victim to ransomware attacks, the agencies recommend multiple-factor authentication, regular system updates and patches, and training employees so they can identify phishing emails and suspicious links. Here are CISA’s tips on how to protect yourself against ransomware:
- Update your operating system and software.
- Implement user training and phishing exercises to raise awareness about the risk of suspicious links and attachments.
- If you use Remote Desktop Protocol (RDP), secure and monitor it.
- Make an offline backup of your data.
- Use multifactor authentication (MFA).