It was the year 2021. The year that ransomware exploded.
The Colonial Pipeline in the US paid a total of $4.4m to hackers who brought gasoline and oil supplies to a standstill across eastern parts of the US.
Weeks later, Ireland’s nationalised healthcare system came to a halt, after Russian-based criminal group Conti infiltrated IT systems and demanded $20m in payment, according to reports.
Soon after, New Zealand’s healthcare system suffered a ransomware attack, causing widespread disruption to patient care and international uproar to hold attackers to account.
An estimated $590m was paid in ransomware-related transactions in just the first half of the year.
And this is a figure likely to only include payments originating from the US, according to US agency FinCEN. It also doesn’t account for recovery costs – which could be anything from $761,106 to $1.85m, says Sophos’ State of Ransomware Report 2021.
The cyber insurance market also hardened that year, as demand for insurance grew and a low supply of capital led to higher premiums.
A CRO’s perspective
Carl Leeman, chief risk officer at Katoen Natie, outlines the vulnerabilities that…