The US government and the private sector grapple with the threat of ransomware.


At a glance.

  • A joint warning regarding Conti ransomware.
  • Calls for an assertive response to ransomware gangs.
  • The commercial sector is quick to pivot in response to regulatory measures.

CISA issues warning regarding Conti ransomware.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), along with the FBI and NSA, has issued a new warning about the Conti ransomware. Conti will exploit common vulnerabilities to gain access to its targets, but most of its infestations can be attributed to some variety of social engineering. CISA and its FBI and NSA partners recommend some familiar best practices as mitigation measures. That they are familiar does not mean that they are of no value: they deserve the consideration of any organization.

Robert Golladay, EMEA and APAC director at Illusive, wrote of Conti’s unsurprising rise:

“The escalation of Conti ransomware attacks is not surprising. We continue to see it distributed via TrickBot infections. Threatening actors are constantly stepping up their game and improving their tools to increase their success rate. And then share what works – they effectively leverage a ‘GitHub’ for attackers, sharing code once they’re successful with a technique. Once an attacker is in the network, which will inevitably happen, it won’t take long for them to move sideways to target the ‘Crown Jewels’. At this point, it’s too late for businesses to back up their valuable data and assets. Along with implementing zero trust, network segmentation, and updating operating systems and software, enterprises should deploy ‘active defense’, including deception technology, to catch attackers moving on the network. Any ‘undetected’ movement through the systems will be detected and stopped halfway. It is the most secure way to protect business assets and prevent large-scale attacks.”

Calls for an assertive response to ransomware.

Silverado Policy Accelerator chairman Dmitri Alperovitch writes in The New York Times that the Biden administration should step up its offensive strategy against cybercriminals and their host countries. Inspired by the ARES Task Force’s 2015 U.S. campaign against ISIS, which turned disinformation into a weapon and disrupted the digital assets of threat actors, such a strategy should target personnel, servers, crypto wallets, code and gang data. Increased sanctions, digital currency regulations and enforcement action could seal the deal, without much risk of escalation, if history is instructive.

With its thousands of agents and billions of dollars, Alperovitch told MSNBC, CyberCom has more than enough capacity to take on criminals, but traditionally directs its attention to terrorists and countries. Since balaclavas are now setting the rules of the road and asking President Putin to intervene “nicely” has not paid off, Alperovitch believes it is “past time to take matters into his own hands.”

Regulatory action and industry response.

Industry response to regulatory action can be surprisingly swift. Before the ink on the US Treasury Department’s SUEX sanctions dried, ransomware remediation firm BreachQuest began advertising the legal exposure angle of its anti-ransomware solutions, reports PR Newswire. BreachQuest says it helps organizations avoid fines by finding and mitigating system vulnerabilities and compliance failures, and by generally fine-tuning their cybersecurity strategies.

BreachQuest co-founder Jake Williams calls the Treasury notice the “last warning for companies to get their security operations in order,” noting that most attacks are “trivially preventable” and that sloppy security breeds more violations. “With this new advice,” he explains, “organizations may lose the ability to pay attackers to recover, which makes it even more critical that they do what they can now.”

