While historically, the main goal of ransomware has been to extract, or extort, money or other valuable
consideration from the affected party, NotPetya made us aware that there is a lot more damage an
attacker could do with access to an army of computers spread across the globe than just turning them
into bricks.
To prevent or avoid the consequences of an attack of terrorism, the defenders must effectively repel
every single attempt to perpetrate the crime. Ultimately, the attackers only need to overcome the
defenses once in any given situation to prevail.
Exploring the Potential Impacts of Ransomware Terrorism
In the proposed scenarios created by the Cyber Risk Management (CyRiM) project and Cambridge
Centre for Risk Studies (CCRS), put forth in the report called ‘Bashe Attack: Global infection by
contagious malware,’ a ransomware terrorist attack could be launched through an infected email, which
once opened would be forwarded to all stored contacts.
Then within 24 hours, the malware could encrypt all data on 30 million devices worldwide. In the worst
case scenario of the event, even the backups would be erased—meaning companies of all sizes would
be forced to pay a ransom to decrypt their data or replace their infected devices.
It is easy to conceive that a ransomware attack on this scale would cause substantial economic damage
to a wide range of business sectors through reduced productivity and consumption, inaccessible data
files, IT clean-up costs, ransom payments and supply chain disruption.
The moral of the story according to Lloyds is that all businesses should pay close attention to systemic
risk across all lines of business, not just within the silo of cyber and businesses should buy insurance to
help protect against such catastrophic scenarios.
Clearly as companies increase their reliance on technology, the need to defend against cyber security
challenges like malware becomes ever more critical to meeting the goals of the business. While cyber
insurance has its place in a well-executed cyber security strategy, it doesn’t protect a business or the
economy from the operational nightmare caused by a massive ransomware attack.
At BoldCloud, we have typically worked with companies after they’ve been hit by a one-off ransomware
attack. When the city of Atlanta was hit by ransomware, it provided a very public view into the aftermath
of an attack. It basically brought all cyber related city activities to a complete standstill. More recently,
Norsk Hydro was a victim of the LockerGoga ransomware and estimates their current costs at $40 Million
with a projection of months before being able to resume normal operations. I can only imagine the
nightmare that would ensue if 600,000 businesses were hit within 24 hours. Needless to say, we’d be
very busy helping clients with their data security needs.
Are We Defenseless Against Ransomware Terrorism?