The U.S. Justice Department has created a new task force dedicated to rooting out and responding to the growing threat of ransomware. This move has been driven by concerns from the Biden administration.
This is in response to 2021 already being the worst ever for ransomware attacks, which is also supported by a recent report highlighting that the largest ransomware demand now stands at $30 million. In addition, the typical ransom paid in exchange for a decryption key to unlock encrypted networks rose from $115,123 in 2019 to a staggering $312,493 in 2020.
These trends show how ransomware attacks are continuing to prove to be extremely lucrative, with the most well-organized gangs earning huge sums per victim,
Examples of high-profile network security incidents include Russian-backed SolarWinds hacking campaign plus the Microsoft Exchange server vulnerabilities. With these Microsoft has attributed the attacks to Chinese hackers.
The U.S. government response includes moving resources to areas like training and intelligence sharing. There is no indication that additional state resources are to be supplied, however.
According to new analysis from Jeff Brown, CEO at Open Systems, this announcing represents a step in the right direction.
Brown says: “The U.S. Justice Department has announced the creation of a ransomware task force. This follows a year that the agency described as the worst ever for ransomware.”
In terms of what exactly is involved, Brown says: “The Department of Justice move – and reports indicating that ransomware has soared 62 percent since 2019 and that the average ransom payment increased by 60 percent between the first and second quarters of 2020 – illustrate the extreme risk that such cyberattacks pose for organizations today.”
The current situation, driven by coronavirus measures, has not helped either. Here Brown finds: “This is all happening against a backdrop in which more people are working from home and an increasing number of business applications are moving to the cloud.”
As to the ideal state, Brown sees this as; “The extended enterprise edge and growing cyberthreat highlight the need for complete, context-aware, zero-trust solutions.”