By Kyle Fiehler, Webroot
When the Institute for Security & Technology’s Ransomware Task Force published its report on combatting ransomware this spring, the Colonial Pipeline, JBS meatpacking and Kaseya VSA attacks were still around the corner.
Nevertheless, the report took the danger presented by ransomware to both businesses and global security for granted. Already in 2020, according to the report:
- 2,4000 governmental agencies, healthcare facilities and schools had been hit with ransomware
- $350 million had been paid out ransomware actors, a 311% increase over 2019
- It was taking 287 days on average for a business to fully recover from a ransomware attack
Even given what we now know – that 2021 would feature some momentous ransomware attacks against physical and IT infrastructure – the report’s expert authors recognized the threat was dire. That led to them devising a “comprehensive framework for action, ”policy recommendations, in other words, for tackling the threat.