Don’t wait for the government to protect you from Ransomware

There’s an old saying in politics that comes to mind while watching the government’s almost daily pronunciations about the dangers of Ransomware. “It’s never too late to do the right thing, after it’s too late.”   

In the wake of the Colonial Pipeline disaster that brought Ransomware into the mainstream public discourse, lawmakers and other elected officials did what they commonly do under such circumstances: legislate by headline, and lead from behind. 

Last Thursday, the New York Times informed America that the “White House Warns Companies to Act Now on Ransomware Defenses.” The news hook being that the Biden administration had released an open letter urging companies 

to take urgent security measures to protect against ransomware attacks, as hackers shift their tactics from stealing data to disrupting critical infrastructure.

As the Times breathlessly reported, “The bluntly worded open letter followed a string of escalating ransomware attacks that stopped gasoline and jet fuel from flowing up the East Coast and closed off beef and pork production from one of the country’s leading food suppliers.”

We at Net Compliance Solutions applaud the government for using its bully pulpit to call attention to the work we and our colleagues in the cyber security field have been doing for years. And we want to give full credit to the Justice Department for, as they reported on Monday, recovering most of the ransom that was collected by the Colonial Pipeline hackers.

As April Falcon Doss, executive director of the Institute for Technology Law and Policy at Georgetown Law, told CNN, “Ransomware is very seldom recovered,” making this “a really big win” for the government. But she added, “What we don’t know is whether or not this is going to pave the way for future similar successes.”

In other words, there is hope that the government is successfully fighting back against hackers, but recent evidence suggests the bad actors still have the advantage. Close to my  home, the Massachusetts Steamship Authority is still reeling from a Ransomware attack last week that disrupted ferry service to the islands of Nantucket and Martha’s Vineyard for ten days during the onset of tourist season. 

In the wake of the local hack, Massachusetts Attorney General Maura Healey on Tuesday urged Bay State businesses and government agencies — including law enforcement — to immediately assess their existing data security practices, and take appropriate steps to upgrade security measures.

“Leaders from the public and private sectors have an important and critical responsibility to public safety and welfare to protect against these threats,” Healey said. “We strongly encourage all Massachusetts businesses and government organizations to take the appropriate steps to strengthen data security and ensure its computer networks are secure as required by law.”To which we say, thank you for pointing out what we’ve been urging our customers to do all along. Please heed the advice of our government officials, and take your cybersecurity seriously. We are ready to help at any time, just a phone call away at (855)-879-2373. Or drop us an email at info@trustncs.com. Take control of your company’s safety. Don’t wait for the politicians and the media to discover there’s a problem.