Backups Are the Only Defense Against Ransomware

April 15, 2024

Backups Are the Only Defense Against Ransomware

Recent takedowns of LockBit and other cybercrime groups have prompted speculation that defense against ransomware attacks might be possible. Not so, writes Cynthia Brumfield, in CSO. Not as long as Russia protects cybercriminals.

2023 ransom payments of more than $1 billion have prompted the US and UK governments, and their international law enforcement partners, to step up efforts to disrupt ransomware actors. There have been some notable successes.

In August 2023, the DOJ announced an operation involving six other nations that took down the infrastructure of ransomware actor Qakbot. Earlier in 2023, the DOJ said it disrupted the Hive ransomware group’s ability to extort victims with the cooperation of German and Netherlands high-tech crime units. More recently, the DOJ went after the ALPHV/BlackCat ransomware group and made an FBI decryption tool available to 500 victims.

But ransomware groups resurrect themselves sooner or later if their Russian leadership remains free and protected from extradition. Until ransom payments are banned, good cybersecurity remains the only way to fend off ransomware attacks, according to security experts.

The key aspect for defense against ransomware is “backups and operability of backups,” says Ciaran Martin, leader of the SANS CISO Network and founder of the UK’s National Cyber Security Centre. If a company is being extorted for availability of service, the systems a cybercriminal encrypts are rendered worthless by backups.

Adam Meyers, senior vice president of counter adversary operations at CrowdStrike, says that “as long as people are still not taking security seriously and they’re not investing in this stuff, they’re going to continue to have these same outcomes. Threat actors are doing this because it’s easy money. Until we raise the barrier, raise the cost for threat actors, and it’s no longer as easy for them to make money off this as it is today, they’re going to keep doing it. If they get disrupted, they’ll build again.”

Critical intelligence for general counsel

Stay on top of the latest news, solutions and best practices by reading Daily Updates from Today's General Counsel.

Daily Updates

Sign up for our free daily newsletter for the latest news and business legal developments.

Scroll to Top