International alliance aims to curb the growth of ransomware

1 Nov 2023

Image: © DOERS/Stock.adobe.com

Cybersecurity experts have praised an upcoming pledge by 40 countries to not pay ransomware demands, but warned that it will not stop these attacks completely.

An upcoming alliance of nations is expected to “impact the flow of ransomware attacks” and have an impact on cybercriminal activity.

The US White House recently announced that 40 countries plan to join a US-led alliance of nations, which will pledge to never pay a ransom to cybercriminals, Reuters reports. There are also reports that ransomware attacks are on the rise this year.

Ransomware is a type of malware attack that encrypts computer files to prevent access, unless a ransom is paid by the victim. It is also a form of cyberattack that appears to be on the rise in recent years.

A Kroll report claimed ransomware spiked globally towards the end of 2022, due to more attacks targeting certain industries such as manufacturing, healthcare and telecoms.

In July, a report by Chainalysis claimed there was an increase in ransomware extortion this year, largely due to a rise in “big-game hunting” – or the targeting of large, “deep-pocketed organisations”. This report also claimed that the number of successful small attacks had also grown throughout the year.

With ransomware remaining a prevalent threat, the upcoming alliance has been praised by some cybersecurity experts. Ryan McConechy, CTO at managed service provider Barrier Networks, said it will impact the flow of attacks and that the “slow wheels of government are beginning to spin”.

“One government can make a negative impact on cybercrime, but here are seeing multiple governments banding together, so the fallout will be high when these policies are enacted,” McConechy said.

Not enough to stop ransomware

Brian Boyd, head of technical delivery at cybersecurity firm I-Confidential, said it’s “positive” to see countries uniting against ransomware as it causes “unimaginable damage to organisations today”.

However, he also said that the 40-country pledge won’t deter attackers from targeting certain territories “entirely”.

“Ransomware gangs are businesses that operate much like modern enterprises,” Boyd said. “They have teams that identify new targets and carry out research on them to understand their accounts, which allows them to set ransom demands that are palatable, not business-destroying, but low enough to seem like the lesser of two evils in comparison with months of costly downtime.

“It is this situation that often leads to businesses paying demands, thinking it is the fastest and most cost-effective way to recovery. This won’t change, even in the wake of this united stance against attackers.”

Boyd said that employees need to be trained to identify email threats and social engineering, as phishing remains a key vector for ransomware attacks to begin.

“Vulnerabilities are also regularly exploited to launch ransomware attacks, so keeping systems up to date with patches is essential,” Boyd said.

McConechy agreed that the alliance will not mean the end of ransomware and that “proactive defences” should still be the focus for organisations.

“While pledges are all well and good, these agreements need to also come with greater information-sharing to help crack down on ransomware enterprises and support to help make it harder for ransomware to take root in the first place,” McConechy said.

10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.

Leigh Mc Gowran is a journalist with Silicon Republic

editorial@siliconrepublic.com