[Answered] ‘Despite an increase in cyber threats, there has been a little change in the method of response’. In the context of this statement, explain the threats posed by ransomware attacks and the response required to mitigate the risks. 

A cyber-attack is an attempts to steal, expose, alter, disable or destroy information through unauthorized access to computer systems. Cyber-attacks are a concern not only to individuals but also pose a threat to the national security as was evident from the Stuxnet Worm Attack (2010) that sabotaged the nuclear power programme of Iran. A vast majority of cyber-attacks are directed at small and medium sized businesses. The cost of cyber-crimes in 2020 is believed to be more than $1 trillion.  

Ransomware is a type of malware attack in which the attacker locks and encrypts the victim’s data, important files and then demands a payment to unlock and decrypt the data. According to IBM, ransomware attacks comprised 23% of cyber-attacks and was the number#1 cyber-threat in 2021. 

• The Ransomware attacks pose several threats. Among the most targeted sectors of ransomware are healthcare, education and research, communications and governments e.g., several healthcare ransomware attacks in the past few years have disrupted operations of hospitals, leading to delays in procedures and tests, resulting in an increase in patient mortality.  

• Ransomware attacks are increasing in intensity and frequency, because there are many available soft targets. Statistics suggest that new attacks are taking place every 10 seconds. In fact ‘Ransomware as a Service’ (RaaS), has become a full-fledged business model for ransomware developers and has become an industry of its own. 
• Ransomware criminals are becoming more sophisticated, with the Dark web allowing criminals to access sensitive corporate networks. They are are using ransomware to cripple operations of large business enterprises and governments.  For example, the Colonial Pipeline ransomware attack compromised the oil supply chain in the USA, which resulted in the rise of oil prices. 
• With the increase in amount of commercial and sensitive data belonging to corporations and Government stored in cloud, the threat of ransomware has increased multi-fold. 

With the increase in threats posed by ransomware, there is need of concentrated effort to mitigate the risks. 

• Detailed study of the ransomware attacks of the past to understand the modus operandi of the attackers as well as the vulnerability of the systems. 

• Building resilience at both the institution and human level, is needed to create defense against these attacks e.g., National Critical Information Infrastructure Protection Centre (NCIIPC), National Computer Emergency Response Team (CERT-in) and Cyber Swachhta Kendra that improve capacity at both levels. 
• Preventive and reactive cyber security strategies are needed and are essential. For example, Secure Access Service Edge(SASE) to reduce the risk of cyber attacks and Cloud Access Security Broker (CASB) and Secure Web Gateway (SWG) aimed at limiting the risks to users from web based threats. 
• Use of Zero Trust Model and Micro Segmentation as means to limit cyber-attacks. The zero trust approach to security aims to wrap security around every user, every device, every connection – every time i.e. 100% security coverage to all users, devices at all times. 
• Networks and data structures need to prioritize resilience through de-centralized and dense networks, hybrid cloud structures, redundant applications and backup processes.  
• Promoting a cyber security culture to make the individual companies prioritize investing in cyber security over maximizing short-term profits.  

Cyber-attacks present certain unique challenges which need customized answers. Instead of attempting to devise standard methodologies, and arrive at certain international norms, Governments and cyber security experts should have a pro-active approach to anticipate the moves of cyber criminals and be two steps ahead of them.