What companies need to do about ransomware: National Security Council | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware

This is an op-ed from Anne Neuberger, Deputy Assistant to the President and Deputy National Security Advisor for Cyber and Emerging Technologies.

At the end of October, the White House convened this global coalition, the International Counter Ransomware Initiative (CRI), which includes 48 countries, INTERPOL, and the European Union, to drive international policy, disruptions and diplomacy to fight ransomware.

Together, we released the first-ever CRI policy statement declaring that member governments should not pay ransoms while committing to assist any CRI member with incident response if their government or lifeline sectors are hit with a ransomware attack.

We rolled out global tools to strengthen cybersecurity by launching a mentorship and practical training program for new CRI members as well as innovative platforms enabling CRI member countries to rapidly share information to tackle threats.

FILE - Anne Neuberger, Deputy National Security Advisor for Cyber and Emerging Technology, speaks during a news briefing at the White House, Monday, March 21, 2022, in Washington. Since a White House conference in August on ransomware threats, dozens of school districts have signed up for free cybersecurity services, and federal officials have hosted exercises with schools to help them learn how to better secure their networks, said Neuberger. (AP Photo/Patrick Semansky, File)

As we’ve combed through the available data on ransomware attacks and ransom payments in the U.S., we believe it is important to provide updated advice to CEOs and organizational leaders working to keep their companies, hospitals, and schools safe and dry up the flow of ransoms that incentivizes the next attack.

Here is what we’ve learned:

  • Recovery Time from a Ransomware Attack: Ransomware negotiators and incident response firms report that the average victim can recover in days, if they possess proper backups. In contrast, victims who pay a ransom and then use the attacker’s decryptor spend weeks or longer, to recover their data. Recovering from backups is almost always faster than paying a ransom and attempting to recover data with a decryption key provided by a cyber criminal.

  • Recovery Costs from a Ransomware Attack: Ransom payments are equal to, or approaching, the cost to recover/rebuild internal systems from scratch.

  • Ransom Payments Primarily Intended to Prevent Stolen Data from Being Leaked: Paying the ransom doesn’t remove victims’ potential liability and reporting obligations to regulators, state bodies, insurers, or clients. The data is still compromised and there’s no guarantee that the data won’t be leaked, destroyed or used by the attacker to extort the company in the future.

  • Insurers Can Help Harden Targets: Insurers who tie insurance policies to cybersecurity requirements incentivize organizations to put in place practices that make them harder targets.

Together, we must make ransomware a less viable and profitable business.

Here is what we ask of you.

  • Generate and Test Backups: Ransomware actors extort payment through prolonged disruptions to operations. Having the capability to recover quickly through backups gives you options. Ensure that backups are regularly tested and that they are kept separate from your organization’s network—so that if the network is compromised the backup will still be available. Ensure they are versioned so the organization can go back in time if a more recent backup was corrupted in the attack.

  • Share Information with Law Enforcement to Prevent/Help the Next Victim: Ransomware attacks follow similar patterns and playbook. If you experience a ransomware attack, sharing information such as techniques and tactics with the U.S. government can help prevent the next attack. Go to

  • Invest in your security and resilience: It will give you a far better return on investment than a ransom payment.

  • Monitor your digital doors and windows: Account management, multi-factor authentication, patch management, training for employees, reviewing logs, amongst other security controls, will make your organization stronger.

The Biden Administration is committed to continuously disrupting criminal actors, their networks and illicit crypto infrastructure. The White House’s International Counter Ransomware Summit further unites countries around the world in the fight.

Your partnership and your leadership are critical. Together, we can make ransomware a less profitable and less viable business.

Click here for political news related to business and money policies that will shape tomorrow’s stock prices.

Read the latest financial and business news from Yahoo Finance


Click Here For The Original Source.

National Cyber Security