Dive Brief:
- Ransomware is currently the most prevalent global cybersecurity risk, as threat actors have become more brazen and are targeting everything from large companies to school districts to hospitals, according to a keynote address at the RSA Conference by Dmitri Alperovitch, chairman of Silverado Policy Accelerator and the co-founder and former CTO at CrowdStrike, and Sandra Joyce, EVP of threat intelligence at FireEye Mandiant.
- Ransomware morphed into a dual threat as extortion has become a method to shame companies into paying huge sums of money, according to Joyce. She cited recent extortion attempts in the tens of millions of dollars, including a recent $50 million demand. Some national governments allow ransomware gangs to operate freely, and in some cases the gangs work alongside government intelligence services.
- The relationship between the U.S. and its leading nation-state adversaries, Russia, China, Iran and North Korea, is at its lowest point in at least 60 years in terms of the threat landscape, Alperovitch said. As a result, adversaries are becoming more and more reckless and open in their activities, raising concerns about what could happen in the future.
Dive Insight:
Coming on the heels of the SolarWinds and Microsoft Exchange Server campaigns, organizations are at greater risk of cyberattacks with threats spanning sectors, from national governments to major corporations.
A spate of ransomware attacks has targeted critical infrastructure facilities such as the Colonial Pipeline and hospital systems in Ireland. Not only have the payout demands changed, but threat actors are using extortion to put additional pressure on companies to negotiate payments.
"They're using extortion in really shaming ways, so they'll threaten to dump data that they've found," Joyce said. "They'll even call competitors, they'll call your customers, they want to use shame as a tool, and that puts organizations in an impossible situation."
An M-Trends report released in April from FireEye Mandiant identified more than 800 alleged multifaceted extortion victims that likely had data stolen. Mandiant gathered the data over a 12-month period ending at the end of September 2020.
Companies can risk violating Office of Foreign Assets Control (OFAC) laws if they make ransom payments to threat actors in certain countries. The U.S. Treasury Department, which oversees OFAC, put out an advisory in October 2020 that warned companies about the potential risk of sanctions if a ransom is paid.
Ransomware attacks in the future could also target firmware, which could do significant damage to computer hardware inside an organization, according to Alperovitch. So far, the industry has not seen specific ransomware attacks going after firmware, but he said that could potentially become an issue.
The Tokyo Olympic games, scheduled to begin in late July, will also likely be targeted, as the first major global sporting event since the beginning of the COVID-19 pandemic will be a showcase for a statement attack.
"The Olympics provide threat actors the ability to send a message, and do it at scale," Joyce said.