Ransomware continues to be one of the biggest cybersecurity threats. The International Cyber Expo Team, Nineteen Group, points to how last year DarkSide hit headlines for temporarily taking down Colonial Pipeline, resulting in disrupted gas supplies for many on the US East Coast. REvil was also a name that frequently came up, as the group attacked numerous corporations, from computer manufacturer Quanta to meat processing company JBS Foods.

Fortunately, the reign of such groups has faltered, the Team adds, due to a concerted effort by multiple countries, which saw numerous major cyber gang members arrested and their infrastructure dismantled. Indeed, law enforcement pressure even led to the demise of BlackMatter ransomware. It was an important moment of reckoning for these cybercriminal operations; nevertheless, their resilience has simply instigated an evolution in tactics.

Today, it seems high-profile ransomware gangs have dispersed into smaller, inconspicuous groups; though methods to conceal their identity have split into two primary directions.

On one hand, there are groups leveraging a much wider range of malware, renting and rotating through various strains to avoid identification. While other groups have forgone the use of malware altogether. Rather than detonating ransomware and encrypting data, focus is placed on stealing data and holding it against organisations for ransom. By choosing not to encrypt data, the operations of critical infrastructure are less likely to be seriously impacted as well; thus, reducing the prospect of law enforcement attention.

Either way, the frequency of attacks has not declined in the slightest, adds the Team. "With that said, it may be worth taking up insurance as part of one’s defensive strategy."

Insuring yourself against ransomware
Cyber insurance has become an almost vital tool in ensuring there is financial protection and operational support in place, in the worst-case scenario, states the Team. "However, just like any other insurance an organisation may take out, if you haven’t protected yourself fully with a reasonable level of protection, you’ll risk your cyber insurance being invalid. To make this even more unsettling, what is deemed a reasonable level of protection and good practice will constantly evolve as the threat landscape changes."

All cyber insurance policies include the cost of a ransom demand, but tend not to cover other financial losses, such as lost revenue, cost of remediation, increased premiums, regulatory fines, legal fees and reputational damage. Also, most policies will not protect organisations from being among the 8-out-of-10 that are hit with a second ransomware attack or cover back-to-back ransom payments within a month. Therefore, it’s vital for organisations to make sure their security solutions, processes and procedures are kept up to date, including various certifications and standards such as ISO27000.

Prevention is better than cure
The best way to avoid falling victim to ransomware is to prioritise the protection of sensitive and valuable data. It also comes down to educating users, making sure they are aware of what a ransomware attack is, the common attack vectors and how to report any suspicious activity. Having preventive measures in place will ensure an organisation's downtime and data loss is minimal to none.

The meeting of minds
The cybersecurity industry is full of impressive individuals with the resources and know-how to advise businesses; be it on cybersecurity best practices, navigating cyber insurance policies, producing an incident response plan etc. Together, we can stay one step ahead of the ever-evolving threat landscape. We just need a space to assemble and that is exactly what the International Cyber Expo intends to be.

Held at Olympia London from 27-28 September 2022, International Cyber Expo endeavours to be the go-to meeting place for industry collaboration where everyone from vetted senior cybersecurity buyers, government officials and entrepreneurs, to software developers and venture capitalists, are welcome to share their experiences, knowledge and resources with peers. As one of the must-attend annual cybersecurity expos, the inclusive event is made for the community, by the community, hosts a world-class Global Cyber Summit, an exhibition space, live immersive demonstrations and informal networking.

To register for free tickets to the event, visit: https://ice-2022.reg.buzz/cs

For more information on the event: https://www.internationalcyberexpo.com/nc