Comment from Semperis following the FBI seizing servers of extortion gang, Radar
August 2024 by Sean Deuby, Principal Technologist, Semperis
Sean Deuby, Principal Technologist at Semperis, comments on the FBI seizing servers of the extortion gang Radar.
Kudos to the FBI for disrupting another major ransomware operation and sending a message to cybercrime operators that “we see you and we’re in pursuit of you.” While wins like this one are fleeting, it reinforces that the persistent activity by the FBI, Europol and other law enforcement agencies will catch cybercrime operators given the slightest opportunity. And occasionally they score a significant win. The famous bank robber Willie Sutton was asked once why he robbed banks; he said it was because ‘that’s where the money is.’ The same principles apply with ransomware gangs and their attacks: they keep attacking organisations because companies pay ransoms in hopes of eliminating disruptions.
Unless it’s a life-critical situation, it doesn’t pay to pay ransoms as it only fuels the ransomware economy further – and there’s no guarantee you’ll be able to easily recover even if you do pay. Globally, we are experiencing a ransomware pandemic, with attacks increasing and more organisations paying than ever before. In fact, in a recent Semperis global ransomware report we found that 74 percent of organisations were hit by multiple ransomware attacks in the past year. And nearly 80 percent of the time, the companies paid a ransom. Shockingly, 33 percent of companies paid four times or more in the past year.
When ransomware attacks inevitably occur, eliminating single points of failure and having contingency plans in place become critical to limiting business disruption to services and reducing significant chunks of downtime. There’s no silver bullet that will solve the cybersecurity challenges facing most organisations, but preparation and rehearsal are two essential steps, so organisations should test their plans during peacetime. I recommend companies identify the critical services that are “single points of failure” for the business. If critical services go down, the business stops. Have a plan for “what to do if.” This doesn’t have to be perfect, but think now about what to do if email goes away, point-of-sale systems go down or a customer portal or CRM tool gets locked.