Ransomware has become the biggest cybersecurity issue facing businesses, governments and the wider world today.
As the sophistication, frequency, and consequences of cyberattacks continue to evolve and grow, so private companies and public agencies alike must adapt.
A series of high-profile incidents during the past year (such as the Colonial Pipeline ransomware attack, the Kaseya ransomware attack, a string of attacks against hospitals and healthcare, including the Irish Healthcare Executive, and many others) have caused problems for millions.
Ransomware is effective because, in many cases, the victim will give in to the extortion by the cyber criminals and pay the ransom, often millions of dollars, to get a decryption key to restore their network. In other cases, the victims don't pay, opting to restore the network themselves, a process that can take weeks or months, all the while having an impact on their business or services. Such has been the chaos caused that ransomware has even become part of the discussion between world leaders during international summits.
During the second half of 2021, law enforcement agencies around the world publicised arrests and takedowns related to ransomware groups and the dark web services that allow them to operate, with suspects detained in countries including Ukraine, South Korea and Kuwait.
But as welcome as these arrests were for law enforcement agencies, many of the most notorious ransomware crews remained at large. This, in part, is because many of these cyber-criminal operations are run out of Russia, and there's a consensus among cybersecurity experts that the local authorities are willing to turn a blind eye to criminal hackers who focus their attentions on the West.
So, it was a surprise when, on January 14, Russia's Federal Security Service (FSB) announced it had detained suspected members of the REvil ransomware gang operating from several regions of the country and had dismantled the group's operations.
REvil was one of the most disruptive ransomware groups of 2021. The high-profile campaigns it carried out included an attack against JBS, which resulted in the food producer paying a ransom of over $10 million.
The ransomware group was also blamed for an attack against Kaseya, the enterprise IT management software provider. The attack resulted in thousands of businesses around the world being disrupted