Ransomware at Play

noelward


By Noel Ward, Editor@Large

The bad guy penetrated your computer system while you were sleeping. His ransomware landed while you were driving to work, locking up your files, which are inaccessible behind his encryption. Now you’re having a bad day before your second cup of coffee.

Since you are probably receiving a few files electronically, your email is open to the world. This means all kinds of bad guys can rain on your parade. A favorite ploy is ransomware, in which you can’t access your files without paying the bad guy for access. Ransomware has also gotten sophisticated. Dwell time (how long a bad guy waits to wreck your day) is now hours, not days like it used to be. Imagine a customer has sent you the layout for a catalog and mail piece. It came in electronically on Friday, just before you closed, and it is not backed up. This morning you get an email explaining that you can get the now-encrypted file back for a mere $50K. Call me crazy, but that might be an awkward call to your client. Even if you convince your client that the file was inadvertently deleted, you lose a lot of credibility, plus the client may walk and not come back.

To further wreck your morning, the bad guy also encrypted all your hard drives or set a time bomb to lock them up the next time one of the computers on your network is restarted. That would lock up all your customer files and your accounting, which you have carefully placed on a separate drive. Unlocking that will run a paltry $750K. How’s your checkbook looking?

Such hacks are cheap on the Dark Web and the payback can be substantial. You’re just someone’s next victim. Fifty-three other companies are receiving emails much like yours.

To pay or not to pay
Don’t pay up, security experts recommend, because it only encourages the bad guys. Since these characters often share info about their “targets,” the fact that you paid up may bring another miscreant to your servers. Like this: “I got a cool 800-Large from DEF Printing. They folded in a nano. Install that encryption we got off the Dark Web and send ‘em a note. Or text ‘em. Here’s the main dude’s cell number.”

Instead of paying up, do some things to make their life harder so you lessen the chances of being hacked. You cannot make your business impervious. But being lazy, the bad guys will move on to a softer target. Start by hiring a security firm to do a penetration test (called a pen test) on your systems to find out how vulnerable you really are. You may not like the answer. However, there is no one-and-done solution because cyber security is a constantly moving target. So you have to do more. Here’s a partial list:
  • Have updated software that is designed to protect data.
  • Limit how many files are accessible at any time.
  • Get cyber insurance. Insurers will insist on the above steps. Some companies that thought cyber insurance was too expensive aren’t around anymore. Others I’ve talked with say they would have gone under without the insurance.
  • Have a contract set up in advance with an internet security company so you have someone to call who knows how to deal with this stuff.
  • Have a written plan that is updated regularly and resides in places other than the bottom drawer of people’s desks.
  • Have people on staff to handle a security breach as part of their assigned responsibilities. Someone, such as your equivalent of a Chief Information Officer, should be in charge of this team.
  • Work with your security vendors and the internal team to game out the steps to take when reacting to an incident or intrusion. Your security vendor will have advice on this. Listen!
  • Roll out your security team and practice response to a hostile event a couple times a year so you are better prepared.
  • The cost to your business is not limited to the intrusion and lost work. There are also legal costs, business that may leave, and your reputation in the business community. Insurance cannot and will not cover some of this.
  • Establishing and maintaining trust with clients during and after a security breach is critical.
  • Document what happened and what your company did so you have a record.
Don’t assume you are immune because you are a “mere” printer. You are reliant on software and digital files and communications. While guys who can hack a Fortune 500 company are not exactly common, the ones who can lock up your servers probably attend your local high school and peruse the Dark Web. Some may note the pricey company cars in your parking lot, know where you live, and see a financial gain. Okay, maybe high school kids won’t charge full price, but do you really think a cyber breach is going to be fun?

It’s okay to be paranoid. Someone may be out to get you.
 
Your advice is great for a large company, but kind of overkill for most of us. I would wager the majority of our compatriots do not have anything remotely close to a Chief Information Officer or equivalent. We won't have security vendors other than the default Microsoft Defender. They won't have a security team, contracts with an MSP, or anything close to that. The majority of us are gonna have worker bees, managers, and the owners.

Managers should, at the very least, ensure that all business data is backed up in multiple places at least once per month. Ideally daily or weekly though. The common advice is the 3-2-1 method. This means making two copies of your data (the original copies then make it 3 total copies). Those copies should be stored in 2 different ways. Like, on an external hard drive and in the cloud. Then, at least 1 of those should be stored disconnected from the internet and offsite.

This ensures you can recover if your building burns down, you get ransomwared, or your local copies all get deleted by an angry employee. It protects you against multiple modes of failure.

It's quite the easy strategy to implement; it astounds me how little management actually does it though.
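
The 3-2-1 rule described in the reply above, written as a check you can run against a list of your own backups. This is an added example, not part of the original post; the `Copy` fields, the 31-day freshness limit (taken from "at least once per month") and the two sample inventories are constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

@dataclass
class Copy:
    name: str
    medium: str        # how it is stored, e.g. "external-hdd", "cloud"
    offsite: bool      # kept somewhere other than the shop
    offline: bool      # disconnected, so ransomware on the network cannot reach it
    last_run: datetime
    is_original: bool = False

def audit_321(copies, now, max_age=timedelta(days=31)):
    """Return a list of findings; an empty list means the set meets 3-2-1."""
    findings = []
    backups = [c for c in copies if not c.is_original]
    # A backup older than max_age does not count toward any of the three rules.
    fresh = [c for c in backups if now - c.last_run <= max_age]
    for c in backups:
        if c not in fresh:
            findings.append(f"stale: {c.name} is {(now - c.last_run).days} days old")
    total = len(fresh) + sum(1 for c in copies if c.is_original)
    if total < 3:
        findings.append(f"copies: {total} usable, need 3")
    media = {c.medium for c in fresh}
    if len(media) < 2:
        findings.append(f"media: {len(media)} kind(s) of storage, need 2")
    if not any(c.offsite and c.offline for c in fresh):
        findings.append("offline: no fresh copy is both offsite and disconnected")
    return findings

# Constructed sample inventories.
NOW = datetime(2024, 1, 31)
GOOD = [
    Copy("file server", "internal-disk", False, False, NOW, is_original=True),
    Copy("drive in bank safe", "external-hdd", True, True, NOW - timedelta(days=6)),
    Copy("cloud bucket", "cloud", True, False, NOW - timedelta(days=1)),
]
BAD = [
    Copy("file server", "internal-disk", False, False, NOW, is_original=True),
    Copy("USB drive left plugged in", "external-hdd", False, False, NOW - timedelta(days=2)),
    Copy("cloud bucket", "cloud", True, False, NOW - timedelta(days=45)),
]

if __name__ == "__main__":
    for label, inventory in (("GOOD", GOOD), ("BAD", BAD)):
        print(label, audit_321(inventory, NOW) or "meets 3-2-1")
```

The second inventory fails every rule at once: the only recent backup sits on a drive the ransomware can reach, and the cloud copy is too old to count.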
 
You're right, you don't need a Chief Info Officer. All the important stuff can be done by yourself and by, as you seem to, having some good rules. I back up once a week to the cloud and an external drive that lives in a safe. All is encrypted. Some stuff backs up automatically all the time.

BTW, Microsoft Defender is becoming a pay-to-play service. I still use a double VPN and my IT-pro pal has convinced me to get a password manager. And I still do the back-up and two flavors of storage, especially when I travel.

I too am amazed by how biz owners assume it can't happen to them. A colleague insisted he was fine. Then the wolf came to his door. He had an unpleasant (and pricey) few days.

None of it is really hard but it takes some diligence and effort. But many people want it all to be automatic. Fine, but bring money.
 
