3rd Party Risk Management , Business Continuity Management / Disaster Recovery , Critical Infrastructure Security
Ransomware: What's Changed Since Colonial Pipeline Got Hit?Rapid7's Jen Ellis Details Cross-Government Response, Impact of Russia-Ukraine War
Since Colonial Pipeline suffered an outage in May 2021 as a result of an attack by the DarkSide crime syndicate, efforts to combat ransomware have evolved at a rapid pace.
See Also: Cyberwarfare in the Russia-Ukraine War
"It was a real turning point for a number of different reasons," says Jen Ellis, vice president of community and public affairs at Rapid7. In part, that's because at about the same time, the world's largest meat producer, JBS, got hit by ransomware, driving up food prices. Also hit was Ireland's health system, which disrupted patient care for months. In response, governments quickly began to treat ransomware as a national security threat.
"So all of a sudden, you're seeing this very, very, very senior-level government response. You're seeing an international collaborative response. You're seeing governments look at what policy approaches they can take," she says. "We've seen sanctions since then. We've seen a lot of discussion around how you tackle the problem of safe havens. We've seen more collaboration on law enforcement, including takedowns, for some of the big groups."
In this video interview with Information Security Media Group, Ellis discusses:
- Why Colonial Pipeline and contemporaneous attacks turned out to be a watershed event in the history of ransomware;
- The ongoing impact and role of the international Ransomware Task Force working group launched in 2020;
- How ransomware attacks continue to evolve and the likely impact of the Russia-Ukraine war on cybercrime.
Ellis is vice president of community and public affairs at Rapid7 and co-chair of the Ransomware Task Force created by the Institute for Security and Technology. Her primary focus is on advancing cybersecurity for all by building productive collaboration between those in the security community and those operating outside it. She works extensively with security researchers, technology providers and operators, and various government entities to help them understand and address cybersecurity challenges. Previously, she has served as a nonresident senior fellow with the Atlantic Council's Cyber Statecraft Initiative and testified before the U.S. Congress, and she regularly speaks at cybersecurity events (see: 17 Scenes From the IRISSCON Irish Cybercrime Conference).