Formal ban on ransomware payments? Asking orgs nicely to not cough up ain’t working

From theregister.com

Emsisoft has called for a complete ban on ransom payments following another record-breaking year of digital extortion.

Ransomware gangs breached the IT networks of at least 2,207 US hospitals, schools, and government organizations in addition to “thousands” of private-sector businesses last year, the security shop said on Tuesday. On average, these attacks cost targets about $1.5 million to rectify.

“In 2023, the US was once again battered by a barrage of financially motivated ransomware attacks that denied Americans access to critical services, compromised their personal information, and probably killed some of them,” the New Zealand-based infosec firm noted

This included 46 American hospital systems, 108 K-12 school districts, 72 colleges and universities, and 95 government bodies. For comparison: 2022 saw 25 attacks against hospitals, 45 against K-12 schools, 44 targeting post-secondary education, and 106 against government organizations.

Read more…