Bank Info Security carried a report today that said:
The two crimes that established the reputation of the FBI were "white slavery" and "protection." The latter of course was extortion. We do not hear much about either any more. We should hope for the same result from law enforcement for ransomware. I will continue to hope and work for political pressure. I do not accept that government can simply wash its hands of the problem.
That said, even if I am right, it is not likely to happen anytime soon. It is clear that today's cybersecurity is not sufficient in light of the rate of successful ransomware attacks. I have argued that we need to raise the cost of attack against our systems roughly tenfold. Start with strong authentication and work toward the so-called "zero trust" model, in which every process restricts access to itself, protects itself from any process that can see it, and authenticates every process with which it interacts.
In addition, one must implement new backup and recovery strategies. Current strategies were based upon the assumptions that we would have to recover a small number of files from errors, device failures, or once-in-forty-year catastrophes. We now need strategies that enable us to recover entire enterprises in hours to days. At a minimum, plan to recover each essential application, not merely files, and to do it in the time appropriate for that application. For some mission-critical applications that time may be measured in minutes to hours.
Plan for a successful attack on third parties on which you are dependent. Consider single points of failure and plan how to use alternate sources.
It is a target-rich environment and not every enterprise will be breached, but one should plan for an attack as often as every year or two. This is a "bet your business" risk, and hope is not a strategy.