![\"\"](\"https:\/\/www.backblaze.com\/blog\/wp-content\/uploads\/2021\/11\/bb-bh-Q3-Ransomware-Takeaways-Post.jpg\")
<\/p>\r\n<\/p>\r\n
While the first half of 2021 saw disruptive, high-profile attacks, Q3 saw attention and intervention at the highest levels. Last quarter, cybercriminals found themselves in the sights of government and law enforcement agencies as they responded to the vulnerabilities the earlier attacks revealed. Despite these increased efforts, the ransomware threat remains, simply because the rewards continue to outweigh the risks for bad actors.<\/p>\r\n
If you\u2019re responsible for protecting company data, ransomware news is certainly on your radar. In this series of posts, we aim to keep you updated on evolving trends as we see them to help inform your IT decision-making. Here are five key takeaways from our monitoring over Q3 2021.<\/p>\r\n
<\/p>\r\n
No surprises here. Ransomware operators continued to carry out attacks\u2014against Howard University<\/a>, Accenture<\/a>, and the fashion brand Guess<\/a>, to name a few. In August, the FBI\u2019s Cyber Division and the Cybersecurity and Infrastructure Security Agency (CISA) reported an increase in attacks on holidays and weekends<\/a> and alerted businesses to be more vigilant as we approach major holidays. Then, in early September, the FBI also noticed an uptick in attacks on the food and agriculture sector<\/a>. The warnings proved out, and in late September, we saw a number of attacks against farming cooperatives in Iowa<\/a> and Minnesota<\/a>. While the attacks were smaller in scale compared to those earlier in the year, the reporting speaks to the fact that ransomware is definitely not a fad that\u2019s on a downswing.<\/p>\r\n Heads of state and government agencies took action in response to the ransomware threat last quarter. In September, the U.S. Treasury Department updated an Advisory<\/a> that discourages private companies from making ransomware payments, and outlines mitigating factors it would consider when determining a response to sanctions violations. The Advisory makes clear that the Treasury will expect companies to do more to proactively protect themselves, and may be less forgiving to those who pay ransoms without doing so.<\/p>\r\n Earlier in July, the TSA also issued a Security Directive<\/a> that requires pipeline owners and operators to implement specific security measures against ransomware, develop recovery plans, and conduct a cybersecurity architecture review. The moves demonstrate all the more that the government doesn\u2019t take the ransomware threat lightly, and may continue to escalate actions.<\/p>\r\n Two major ransomware syndicates, REvil and Darkside, went dark days after President Joe Biden\u2019s July warning to Russian President Vladimir Putin to rein in ransomware operations. We now see this was but a pause<\/a>. However, the rapid shuttering does suggest executive branch action can make a difference, in one country or another.<\/p>\r\n Keep in mind, though, that the ransomware operators themselves are just one part of the larger ransomware economy (detailed in the infographic at the bottom of the post). Two other players within the ransomware economy faced increased pressure this past quarter\u2014currency exchanges and cyber insurance carriers.<\/p>\r\n In messages with Bloomberg News<\/a>, the BlackMatter syndicate pointed out its rules of engagement, saying hospitals, defense, and governments are off limits. But, sectors that are off limits to some are targets for others. While some syndicates work to define a code of conduct for criminality, victims continue to suffer. According to a Ponemon survey<\/a> of 597 health care organizations, ransomware attacks have a significant impact on patient care. Respondents reported longer length of stay (71%), delays in procedures and tests (70%), increase in patient transfers or facility diversions (65%), and an increase in complications from medical procedures (36%) and mortality rates (22%).<\/p>\r\n It\u2019s not surprising that ransomware operators would steal from their own, but that doesn\u2019t make it any less comical to hear low-level ransomware affiliates complaining of “lousy partner programs” hawked by ransomware gangs “you cannot trust.” ZDNet reports<\/a> that the REvil group has been accused of coding a \u201cbackdoor\u201d into their affiliate product that allows the group to barge into negotiations and take the keep all for themselves. It\u2019s a dog-eat-dog world out there.<\/p>\r\n This quarter, the good news is that ransomware has caught the attention of the people who can take steps to curb it. Government recommendations to strengthen ransomware protection<\/a> make investing the time and effort easier to justify, especially when it comes to your cloud strategy<\/a>. If there\u2019s anything this quarter taught us, it\u2019s that ransomware protection should be priority number one.<\/p>\r\n If you want to share this infographic on your site, copy the code below and paste into a Custom HTML block.\u00a0<\/em><\/p>\r\n\r\n\r\n\r\n The ransomware threat is evolving. Read the latest takeaways from Q3 2021 to help inform your IT decision-making around ransomware protection.<\/p>\n","protected":false},"author":157,"featured_media":103391,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"content-type":"","footnotes":""},"categories":[475],"tags":[468],"class_list":["post-103389","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-ransomware","tag-b2cloud","entry"],"acf":[],"yoast_head":"\n2. More Top-down Government Intervention<\/strong><\/h2>\r\n
3. Increased Scrutiny on Key Players Within the Ransomware Economy<\/strong><\/h2>\r\n
\r\n
4. An Emerging Moral Compass?<\/strong><\/h2>\r\n
5. Karma Is a Boomerang<\/strong><\/h2>\r\n
The Good News<\/strong><\/h2>\r\n
![\"diagram](\"https:\/\/www.backblaze.com\/blog\/wp-content\/uploads\/2021\/11\/The-Ransomware-Economy_-scaled.jpg\" "\\"The")
<\/p>\r\n\r\n<div><div><strong>The Ransomware Economy<\/strong><\/div><a href=\"https:\/\/www.backblaze.com\/blog\/ransomware-takeaways-q3-2021\/\"><img src=\"https:\/\/www.backblaze.com\/blog\/wp-content\/uploads\/2021\/11\/The-Ransomware-Economy_-scaled.jpg\" border=\"0\" alt=\"diagram of the players and elements involved in spreading ransomware\" title=\"diagram of the players and elements involved in spreading ransomware\" \/><\/a><\/div><\/code><\/pre>\r\n","protected":false},"excerpt":{"rendered":"