DailyPost 2071
ARE WE RANSOMWARE READY?
Do we need to be ransomware ready? The answer to this has to be a strong affirmative for anybody, who has even the slightest knowledge of the changing cyber security landscape. Is India moving in that direction, if the situation is so dire. First the ransomware landscape. Recent experience shows that ransomware incidents are growing in size and frequency. It is literally hitting every business globally, the ones on critical infrastructure can lead to critical loss and might be a complete loss of face. Ransomware cost the world $20 billion in 2021. What it includes has also to be made public; is it only the ransom paid or it includes the businesses losses, and the losses on the account of disruption and the recovery cost.
The likely projections show the ransomware cost is expected to rise to $265 billion by 2031. During last year 37% of all businesses and organizations were hit by ransomware. This would turn out to be a huge number, more so when it would only be the sum total of the reported cases. Lots of cases go unreported because of issues related to business reputation. Only the cases which cannot be hidden as per my understanding, get reported. The average cost for recovering from a ransomware attack has been worked out to be $1.85 million on average in 2021. It would not be out of place to find organizations being forced to spend in the range $20 million dollars and still have to struggle six for months and beyond to put the system back on rails.
One of the startling facts is that out of all the ransomware victims, 32% pay ransom, but they only get 65% of the data back. 32% if based on self-declaration in a survey, would also mean some amount of camouflage. Two issues are critical; one is the long-drawn disruption which happens because of partial data returned, even after the ransom has been paid and second is that lots of companies face a second attack and more so by the same attackers. The most important fact is that only 57% of the businesses are successful in recovering their data using a backup. This we can term as the starting point of non-readiness. If the global figure is 57%, it can be left to our imagination, as to what it would be for India. In reality, back up should be legally mandated.
Any company, which does not have the capability to bounce back into business, with the available back, should not be allowed to function. How many of the Indian companies and organisations have a readiness of this nature? Are they even aware of the nature and footprint of the ransomware attacks perpetrated by the main players; Sodinokibi (REvil) – 14.2%, Conti V2 – 10.2%, Lockbit – 7.5% and few other known ones. Is there management knowledge and buy-in, or is it the job of the CISO and the rudimentary team associated with it or even worse it is fully left to the vendors? Are we even in today’s grave scenario believe that we cannot be attacked? Ignorance is never a bliss. The issue is not whether you would be attacked, only when is the question. There is no choice but readiness. The recent ransomware attacks on Oil India and SpiceJet give us a clear signal that dangerous ransomware attacks are waiting in the wings. Readiness leading to resilience is the only way out.
LIP SERVICE IN CYBER SECURITY GENERALLY TURNS OUT TO BE SUICIDAL.
Sanjay Sahay