Columbus mayor wants national cybersecurity plan, cites company pushing for ransom ban

Posted on by Vaseline

COLUMBUS, Ohio (WSYX) — Columbus Mayor Andrew Ginther wants to launch a national strategy to combat the rise of cyber and ransomware attacks on cities across the United States.

Speaking to reporters last week, he said Columbus was one of 50 cities targeted by ransomware attackers this year, after 95 cities were hit last year. Mayor Ginther obtained his data from New Zealand-based cybersecurity firm Emsisoft.

“I’m following the activities of criminal gangs as they attack victims and potential victims,” ​​Emsisoft cyber analyst Luke Connolly told ABC 6 News on Friday. “I think it’s pretty random, to be honest. The criminal gangs are just throwing … spaghetti at the wall and seeing what sticks.”

In preparing for the interview, Connolly first identified Columbus’ 260,000 stolen files on the dark web. He said it only took him a few minutes to find them, but he never downloaded any of the stolen data.

“The threat actors… it’s in their best interest to be open and public about it,” he said. “I don’t (download) for a number of reasons. First, there’s ethical and legal reasons. There’s private information there.”

Connolly is currently tracking 155 criminal gangs based in countries including Russia, Iran, China, North Korea and Belarus. He says the criminal enterprises operate like businesses, with managers and development departments.

“They’re going to have HR departments. They’re going to have vacation policies,” Connolly said.

However, the gangs will recruit ‘partners’ in the regions where the attacks take place to carry out the hack.

“They have affiliates that do the dirty work,” Connolly said. “If the affiliate is successful in compromising the city, then they split the revenue with that (affiliate).”

Emsisoft tracked ransomware attacks since early last year in Circleville, Ottawa County, Huber Heights, Defiance, Columbus, Cleveland and the Ohio Lottery Commission.

Since the Columbus attack, Connolly has identified 286 other ransomware attacks worldwide. In a 2023 annual report, the company said the average ransom size increased from $5,000 in 2018 to $1.5 million last year.

While Mayor Ginther announced an agenda for a national cybersecurity plan, Connolly said increased investment in technical cybersecurity and employee education must play a role. Ultimately, Emsisoft argues that ransomware victims must stop complying with demands and providing huge financial incentives.

“In jurisdictions where ransomware payments are prohibited, attacks have decreased,” Connolly said.

Ransomware attack group Rhysida took responsibility for the Columbus attack. The FBI first issued a warning about the group in the summer of 2023. Since then, they have listed 120 victims on their dark web site.

Mayor Ginther sent an “update” to ABC 6 News on the case on Friday. While there was no new information about the investigation, he again urged all Columbus residents, workers and anyone outside the city who has been affected to sign up for two years of free, city-funded credit monitoring.

Avatar for Vaseline
Vaseline https://newspowergreen.biz.id

You May Also Like

More From Author