What’s inside this issue? In the complimentary spring 2022 issue, you will find articles that address the… Continue Reading
Ransomware: You Don’t Always Have to Pay
POSTED NOVEMBER 12, 2021
Karen P. Randall, Connell Foley LLP (Roseland, NJ)
About this program
Ransomware attacks are one of the most intractable — and common — threats facing organizations across all industries, professions and geographies. The sophistication of ransomware attacks continues to evolve rapidly. Unfortunately, the outlook for 2022 is not much better. In particular, threat actors are adjusting their attack model to adapt to improvements that organizations are making to recover from these attacks. Of these, most concerning is a blended extortion-ransomware attack: threat actors steal sensitive company information before encrypting it and then threaten to leak the exfiltrated personal or medical data on the Dark Web if a victim decides not to pay a ransom. This tactic places many victims in a catch-22 payment situation. Moreover, criminal hackers are now recruiting disgruntled employees to deploy ransomware by unleashing malware from inside the organization. Enterprise security and management must constantly re-assess cyber risk and adjust incident response and business continuity plans. Through a ransomware tabletop exercise, we will address the threat landscape, incident response options, mitigation strategies and developing issues in the cyber liability insurance market.