I’ve never had to deal with ransomware, but across the last couple years I’ve been surprised how many friends and customers have dealt with this. For those that are prepared, it’s a time sink and a hassle. For those that aren’t, there is the addition of finger pointing, anger, fear, and often lost data as well.
I hope things don’t get worse, but I think this might be a sign they are. There is some speculation that criminal groups are working together, in a sort of computer hacker cartel. Apparently four criminal groups announced they would be working together. If that isn’t a sign of the craziness of the world, I don’t know what else would be. Criminal groups announcing they are collaborating? Apparently they must think they are businesses like the targets they attack.
There has been some investigation, and there haven’t been signs this is a cartel, with no revenue sharing or coordination, but the fact that they are cross posting data and sharing techniques is bad enough. Helping each other out may help them find more targets and develop better techniques to get around security.
The one concern I’d have with all of this is that these different groups may attack the same companies. Can you imagine getting through an attack, either paying a ransom or not, only to be attacked again? I do think that organizations ought to be worried about their security against ransomware, have good, air-gapped backups, and ensure if they are attacked, they plug any holes in their systems.
Surviving one attack might be hard for an organization, but if there are two or more, I suspect someone’s career will be in trouble.