Join the #RansomAware Movement

2020 was tough, the world found itself in unfamiliar territory, we faced the challenges of remote working and while doing so ransomware found a gateway to thrive. Worldwide organisations found themselves under a new level of pressure, in a year where ransomware attacks not only grew drastically in numbers, but broke records for its reckless and damaging methods. More recently, organisations including Colonial Pipeline, Ireland’s Health Service Executive and AXA have suffered major attacks at the hands of the threat, putting terabytes of data at risk and potentially netting cybercriminals millions. Ransomware is rife today, over half (57%) of UK companies have reported being victim to ransomware 1; it would seem no company is immune to the threat. 

“Ransomware is a systemic problem which must be tackled as a joint effort by all stakeholders. Cyber risk managers, IT experts, cyber insurers, brokers must all share their expertise and knowledge to maximise positive outcomes and mitigate losses. The cyber insurance community must play a major role to convey best cyber security practices to policyholders which are backed by financial support and loss mitigation protocols.” – said Flavia Kenyon, Barrister at 36 Commercial.

Today ransomware is an enterprise-level criminal industry, with new data showing that in just nine months the attackers behind DarkSide earned over $90 million 2 – highlighting that every attack they carried out ended in a payment. The reason attacks are so profitable is because most ransomware victims feel they have no option but to pay. When the choice is between business continuity and the loss of customer data or paying a five million-dollar ransom demand, taking the financial hit may seem like the safest bet. Everyone can then move on, forget about the attack, and pretend it never happened: it was just a very close call. But this response benefits only the cybercriminals. The more companies talk about ransomware, the more we can learn about the threat and improve defences. There is no need to hide any more, ransomware is affecting everyone. 

“Ransomware is inflicting debilitating attacks on critical infrastructure and posing a threat to national security, it’s for this reason that, the response cannot be left to private companies alone.  We need to encourage information sharing and we need governments to develop policy to support this fight: let’s learn from public health and begin collecting and analysing data much like we have done for Coronavirus throughout the global pandemic. Then we can formulate a holistic response that tackles the root causes of cybercrime and protects and promotes digital business.” – commented Robin Oldham, Founder & CEO of cyber consultancy Cydea.

We are creating the RansomAware movement to encourage organisations to share intelligence on ransomware attacks. We will create a cybersecurity community where organisations feel able to talk about attacks, share their experiences and inform others, even if this must be done anonymously. Cybersecurity Ventures predicts that a ransomware attack occur every 11 seconds and the latest forecast for global ransomware damages is set to reach $20 billion in 2021 3. Getting hit with ransomware is NOT a cybersecurity failure, today it is a fact of life. We believe that the more companies who expose how they were attacked, by whom, if they paid the ransom and if their data was recovered, the more we can learn about attacker tactics, techniques, and procedures to build better defences: Forewarned is Forearmed. We believe we are stronger together. That’s why we’re forming a coalition of businesses, industry bodies, academia, government, influencers and media to stop cyber shaming, share intelligence and fight back against the onslaught of attacks. 

Find out more at talion.net/ransomaware, simply use the hashtag #RansomAware to spread the word.