Bookmark and Share

Ransomware on the Rise

This roundtable group noted that ransomware is somewhat unique from other types of malware in that it is focused specifically on extorting the victim for making a very quick profit. Depending on the severity it can affect not only your organization alone, but also your third-party suppliers or even your customers. These attacks can make your entire company “go dark” while dealing with the issue—one group member noted that one of their suppliers was out of commission for days while trying to deal with a ransomware attack. The group agreed that becoming a victim of one of these attacks is an ugly matter that is extremely difficult to handle once it happens, so prevention is an absolute necessity first and foremost. If it does happen, systems should also be able to detect the issue as quickly as possible so the situation can be rectified as efficiently as systems and teams are capable. The absolute last resort should be when you are faced with the decision of trying to fight the attack or pay up the ransom. Even then, the group said, when your attacker gives you the key—either by receiving your ransom or your team locating it—will you ever use that compromised endpoint again? Probably not; your system will have to be reassessed and construction altered. So, in the end, prevention is the best option for handling this new and aggressive issue. If it ever gets to the point of a compromised system, the work becomes ten times as difficult and the situation is elevated to extremely high risk—and your entire system will come under scrutiny.