This week:
3 – Deloitte gives $5M to Rhode Island as it recovers from a ransomware attack.
2 – Ransomware payments dropped to only $813 million last year.
1 – AI risks could spark an ‘Osama bin Laden scenario’. But don’t let that stop us.
3 – Deloitte is giving $5M to Rhode Island to help it recover from a ransomware attack.
“After a ransomware attack on the state’s health and social services system, Deloitte is giving Rhode Island $5 million to help cover expenses.”
Summary: Deloitte has agreed to pay Rhode Island $5 million to help cover the cost of recovering from a ransomware attack that compromised the state’s RIBridges online benefits system. The recovery expenses will include a call centre, credit monitoring, and identity protection for affected users. The attack, attributed to the Brain Cipher ransomware gang, exposed the personal information of approximately 2,000 users, including their social security numbers, employment details, and financial data). According to WPRI, Deloitte is the contractor that runs the system and is facing class action lawsuits because of the breach.
Nevertheless, it’s unusual for a third party service provider to make such a financial contribution so quickly, as many would fear it could be regarded as an admission of liability (which is not the case here).
So what? If you rely on a third party service provider, is there any contractual obligation on them to help you recover from an incident or any clear statement on who pays the recovery costs? And if you are a service provider, what protections have you put in place within your contracts to ensure the costs of just one incident doesn’t shut you down?
Source: StateScoop (via Risky Business)
2 – Ransomware payments dropped to only $813 million last year.
“Ransomware extortion payments fell in 2024 [as crime gangs] raked in just $813.55 million last year compared to 2023’s record-breaking haul of $1.25 billion.”
Summary: Chainalysis recently released a report which suggests ransomware payments have dropped by 35% year-on-year. Despite an increase in ransomware attacks, fewer victims paid ransoms. It is difficult to know why fewer paid, but better (i.e. secure and offline) backups, better law enforcement actions, and stronger defences within large organisations all made the ransomware gangs’ job that bit harder. a shift towards targeting smaller organizations with more modest demands.
Now that large organisations are better at defending themselves, the report suggests that the gangs are shifting their focus to smaller organisations, who may pay less but are easier targets.
So what? If you work in a smaller organisation, what have you done to reduce the likelihood and impact of a ransomware attack? If your answer is “I trust that my third party service provider has this covered”: Don’t trust. Verify.
Source: The Register
1 – AI risks could spark an ‘Osama bin Laden scenario’. But don’t let that stop us.
“As countries jostle to win the artificial intelligence race, Google’s former CEO cautioned that AI could pose ‘extreme risks’ if it falls into the wrong hands.”
Summary: Another day, and another tech giant warning about the serious risks to humanity that arise from the rampant development of AI, and then giving out to Europe that it is over-regulating and driving away investment. This time, Google’s former CEO, Eric Schmidt, flags his concerns that AI could enable the bad guys to develop serious weapons or launch major terror attacks and warning that because of over-regulation, it won’t be a European who gets blamed for developing this technology in the first place.
So what? Most of these interviews can be summed up with two sentences: “We are developing a technology that will make the bad guys even badder and could wipe out the human race. But let’s not let these existential risks to humanity get in the way of economic growth.”
And finally..
These warnings are always about AI falling into the wrong hands.
But, given the current political situation around the world and the disregard that tech giants have for us mere mortals…
Where are the right hands?
[Photo Credit: Skyler Ewing]