PYMNTS-MonitorEdge-May-2024

Corporate Ransomware Rears Its Ugly Head Once Again

Ransomware

Ransomware is once again top-of-mind for corporate finance leads in the wake of the Colonial Pipeline attack.

The event has become a painful reminder of the widespread ramifications of a successful attack and the consequences of corporates failing to prepare. It has also given rise once again to the debate over whether businesses should make ransomware payments.

Increasingly, experts advise against paying up.

“You need to ensure that you don’t have to make the decision to pay or not pay,” said Black Kite Chief Security Officer Bob Maley in an interview with PYMNTS. “One preparation can be to have a bitcoin account set up. But the caveat is that you have already emotionally decided to pay, and the ramifications of paying are far more than just paying off bad actors.”

Colonial Pipeline’s troubles weren’t the only recent case of ransomware this week. Reports Friday said the Irish health service also fell victim to the fraud, forcing a widespread shutdown of its computer systems.

Speaking with CNBC, Proofpoint Regional Director of Public Sector U.K. and Ireland Peter Carthew warned that healthcare providers are particularly susceptible to ransomware attacks because they “have the highest motivation to pay up to restore systems quickly.”

It has yet to be seen how Ireland’s healthcare service will navigate the event, but it’s yet another revelation as to just how pervasive — and damaging — ransomware crime has become.

This week’s B2B Data Digest digs into the latest research on ransomware, as well as into other B2B payment fraud risks.

$220,000 became the average ransomware payment value for the first quarter of 2021, a 43 percent increase from Q2 2020 amounts, according to Coveware’s latest report. The intensifying ransomware threat continues to play out in the public eye, most recently with the attack on the Colonial Pipeline in the U.S. But large enterprises are far from the only businesses at risk, according to researchers, who noted that financial losses are not the only consequence of an attack. According to the report, 77 percent of all threats included threats to leak stolen data, a 10 percent increase from the previous quarter. Remote desktop protocol compromises and phishing email attacks remain the most common strategies of attack.

$300,000 was swindled from a shipper due to invoice fraud, according to the International Transport Intermediaries Club (ITIC), which is now warning the transportation and freight industry of such scams. In this particular event, a broker received an invoice from a bunker supplier, but the next day received an email also supposedly from that same supplier notifying the broker that the bank details on the invoice had changed. It was a scam, however, and the broker passed that invoice along to the shipper, which failed to perform due diligence to check that the invoice was accurate (the fraudulent document had reportedly misspelled the bunker supplier’s name). It’s just one of several cases of B2B payments fraud that have hit the industry as of late, the ITIC warned, advising industry participants to check invoice details before payment and check for other red flags.

49 million checks were written by California’s state controller in 2018 totaling about $320 billion for the year. According to The Epoch Times, California remains the only state unable to provide documentation of those payments as requested by Open the Books, which promotes transparent government spending, meaning evidence of line-by-line payments to state suppliers could not be produced. A legal representative for the state controller explained that the State Controller’s Office outsources vendor payment workflows in order to streamline that process, resulting in a lack of internal records about those transactions. While there are no claims of fraud made, a lack of record keeping may make it difficult for a government entity or private enterprise to effectively monitor risks and combat any malpractice.

PYMNTS-MonitorEdge-May-2024