We are in a vicious cycle of ransomware payments leading to more attacks, and more payments, says James Watts, Managing Director at the IT disaster recovery services company Databarracks. Watts said: “Ransomware must be addressed as a global, societal issue. It is like the ‘tragedy of the commons’. Individuals acting independently in their own best interest against the common good. A business might think they are right to pay the ransom to minimise their costs, but when thousands of organisations do the same, they feed into that vicious cycle.
“An outright ban is attractive because it would break the cycle. But although it’s a good argument, in practice it will lead to organisations going out of business or being unable to serve their customers, patients and citizens. That is not a viable situation.
“Australia came close to banning payment before ultimately backing down. The closest to a ‘ban’ in several countries is a restriction on payments to terrorist organisations – although often it is not possible for the victim to know exactly who the attacker is.
“The best route for organisations is to be able to choose not to make the payment. In order to do that, they first need to have an air-gapped, immutable backup that can’t be compromised. They also need to want to refuse the ransom. In some cases, the ransom will cost less than carrying out your own recovery.
“Without legislation and left to make decisions independently, some organisations will opt for the lower cost ransom payment rather than the hard work of recovery. The way to influence that behaviour is through cyber insurance. If your insurer tells you that your losses are only covered if you recover your systems and business rather than paying the attacker, organisations are guided to make the right choice.
“Cyber insurance is one of the few levers that can impact ransomware payments. For it to help raise the base level of preparedness, uptake needs to increase too. It is positive to see that despite the increase in cost and demand, the number of organisations with cyber insurance has also increased.”
Infosec talks
Ransomware comes up numerous times over the three days of the conference inside the Infosecurity Europe 2024 show at Excel in London Docklands. Speakers on day one, Tuesday, June 4, include Insp Charlie Morrison, Cyber Griffin – City of London Police; on day two, Martin Zugec, Technical Solutions Director, Bitdefender; and on the keynote stage on the final morning, a panel including Gareth Bateman, UK Cyber Growth Leader, Marsh; Jon Davies, Senior Director – Cyber Defense, News Corp; and Det Supt Paul Peters, Managing Director of the Cyber Resilience Centre for Wales. Visit https://www.infosecurityeurope.com/.





