In response to the recent publication of the Counter Ransomware Initiative (CRI), members of the initiative have provided new guidance to organizations so they can consider other possibilities before paying cyber criminals a ransom.
The new guidelines aim to reduce the overall impact of ransomware incidents and help reduce the number of ransoms paid by victims and the size of the ransoms when victims decide to pay them.
A new voluntary ransomware guide released in conjunction with the International Counter Ransomware Initiative meeting this week recommends that victims report ransomware attacks more promptly, and that they involve as many advisers as possible when deciding whether to pay a ransom.
On Wednesday, the governments of the United Kingdom and Singapore, which are leading discussions as to how to increase the resilience of the country's network against ransomware attacks, published a voluntary guidance document aimed at helping victims respond to ransomware attacks in the best way possible.
Under the guidance, victims are encouraged to report attack information, and any ransom demands or payments, to law enforcement agencies, cyber insurance companies, and other outside agencies that may be able to assist.
Paying ransoms is discouraged, but if victims decide to pay, they should do so only after ensuring that payment has a strong chance of changing the outcome of the incident and complies with any local regulations.
The guidance strongly discourages firms from making payments; however, it acknowledges that there may be times when victims decide to pay.
Regardless, it should be noted that, for instance, the UK government does not endorse or condone the act of paying ransom for any reason.
In a recent Chainalysis study published earlier in the year, it was reported that ransomware actors will collect more than 1 billion dollars in payments by 2023. Since 2019, when Chainalysis began recording the market for ransomware payments, the general trend has been for payment amounts to rise.
In this commentary, the CRI emphasizes that even if the decryption key has been obtained, that may not be sufficient to bring an end to the incident. Payment does not guarantee access to data and devices.
A welcome statement was made by Jonathon Ellison, NCSC Director for National Resilience, when he stated, "Ransomware remains an urgent threat, and organizations need to act now to enhance their resilience."
38 countries, including the United Kingdom, Australia, Canada, Japan, the United States, and New Zealand, have joined the International Cyber Insurance Federation (ICIF) to back the guidance outlined in the CRI.
According to Ellison, the endorsement of these best practice guidelines, both by nations and international cyber insurance bodies, represents an enormous push for organizations to upgrade their defence systems and enhance their cyber readiness in the coming year.
As a part of the event, participants tackled several initiatives, more specifically the completion of a project to ensure secure software and labelling principles are in place by both the U.K. Government and the United States Government.
It was announced that Australia had launched the 'Member Portal' to share information with members and that a new U.S. Government fund has been established to strengthen the cybersecurity capabilities of its members.
It was in response to an announcement made one day earlier by the U.S., U.K., and European governments of arrests, indictments, sanctions, and the takedown of servers related to the Russian cybercrime network, all aimed at Russian hackers.