Will the US government’s response to ransomware be an effective deterrent for bad actors?

Threat Intelligence & Incident Response Threat & Vulnerability Management

2.6k views7 Comments

Sort by:

Global CTO in Construction3 years ago

The response of a country in isolation helps but it is not enough. A global solution must be sought, to protect ourselves, but especially to seek ways to punish hackers or even the countries that host or finance them. In addition, it is necessary to combine and align the efforts of public institutions with private companies.

IT Strategist in Government3 years ago

Of course government attention leading to development of proper policies and deterrents against the ransomware is going to help. What is also important, in my opinion, is for the government to develop a comprehensive set of recommendations and procedures for recovery for such attacks. Lots of businesses do not realise that they do not have proper recovery and contingency plans until the actual disaster happens. We saw it with COVID and we need to learn from our mistakes and improve. Government agencies doing research and recommendation on best practices will benefit everyone.

Director of IT in Healthcare and Biotech3 years ago

Yes, we saw this last year when the President signed an executive order to improve the national cybersecurity systems (this was around the attacks on Microsoft Exchange, Colonial Pipeline, and Solarwinds - all of which were in the news). Sanctions are on the table against bad actors, this could however have negative implications on relationships with other countries.

Director of Service Operations in Finance (non-banking)3 years ago

No. Locks still only keep honest people out. The US from a group-political stand point is also viewed globally as softer under the current administration. Ransomware will continue. The psychology of most bad actors is what also drives them. They have a “we are smarter than you mentality”. The bigger threat is also not ransomware, it’s the malicious, seek to destroy bad actors that are not driven by money or a reward, they just want to to inflict destruction. Ransomware will never go away, but only smaller unorganized players, possibly, will take any US threats as real.

CTO in Transportation3 years ago

It may be a deterrent for some of the smaller players on the field that may move to some other field of forms of attack, scam.

The issue I see is that the potential payouts are so big that bigger actors in the field will continue to evolve in attack sophistication.

Ransomware is here to stay, either in the current form or some evolution of it.

Content you might like

How likely is an organization to have misconfigured multi-factor authentication (MFA) settings?

Very likely6%

Likely41%

Somewhat likely22%

Somewhat unlikely15%

Unlikely11%

Very unlikely2%

Unsure

View Results

Are you seeing changes in the quality or speed of threat intelligence from sources you relied on in previous years? Can you share how you are being impacted so far by the uncertainty around public-private partnerships for cyber information sharing?

Robinhood Market's cryptocurrency unit expects to pay a $30mil fine to end a New York state investigation into its cybersecurity and anti-money-laundering practices, 3x the initial estimate of the potential penalty. Do you currently use Robinhood to track investments?

Yes65%

No34%

How can security leaders in smaller organizations stay informed about emerging threats if they don’t have access to formal threat intelligence feeds?

How are you currently diversifying threat intelligence sources? Is your organization adopting any new strategies or platforms to maintain situational awareness?