Cybersecurity

Amid the continued upward trend in ransomware attacks, the U.S Treasury issued a bulletin this morning that begins proposed actions of levying sanctions against cryptocurrency exchanges, wallets, and traders utilized by ransomware groups. At the behest of the Biden Administration, today’s actions include the Department of the Treasury’s Office of Foreign Assets Control’s (OFAC) designation of SUEX OTC, S.R.O.

Under the guise of ‘negotiators don’t care about the victim, they’re only in it for the money,’ at least two ransomware groups have recently upped the ante on their quest for a quick buck – or hundreds of thousands of bucks. Amid the flurry of ransomware attacks, the Grief ransomware group is now threatening to destroy the decryption keys of any victim who hires a professional negotiator. Similarly, the Ragnar Locker ransomware group threatened to release stolen data if the victim contacted law enforcement or a negotiator.

The Australian Cyber Security Centre (ACSC) has released its second annual report on key cyber threats and statistics from 2020–2021. The report underlines that threat actors have greatly exploited the pandemic environment, ransomware attacks saw a 15 percent increase over the past year, and around 25 percent of all reported cyber incidents were associated with critical infrastructure. WaterISAC encourages members to review the ACSC report more insights and observations.

As cybersecurity threats continue to proliferate in today’s increasingly interconnected world, it is imperative to generate new strategies for confronting this dynamic threat. For example, before crafting new cyber policies, it is important to understand the bottlenecks impacting your current cybersecurity practices. Likewise, cyber defense isn’t always about technology controls and strategies. Sometimes it may be necessary to address our cultural mindsets from being reactive to proactive through cooperation, communication, and initiative.