This is an interesting article which talks about 7 cases where compromised ransomware victims paid to regain access to their data. The victim’s vary from police department’s to a Nascar race team. Payment was made via bitcoin, and in one of the cases, the attacks continued even after the ransom was paid. The attacks were made via DDoS attacks on an email service, and via infected computers from successful phishing scams. This article stresses the importance of security awareness training for employees, and backing up data in separate locations. Payment of ransom only encourages more ransomware campaigns so proactive solutions are imperative. The article also briefly talks about an anti-ransomware site ‘No More Ransom’‘ which was created to assist Internet users by recovering their files for absolutely free to stop them from paying ransom to criminals.
Reader Interactions
Comments
Leave a Reply
You must be logged in to post a comment.
I totally agree with your statement that paying the ransom will “encourage more ransomware campaigns..” However, I remember reading an article a few months back where a hospital”s information system was basically held hostage until a ransom was paid. It is one thing if a company like Target experienced a data breach, but it something entirely different when we are dealing with a life and death situation in the case of the hospital IT system being non-functional until a ransom is paid. In this case, I can understand where paying the ransom makes sense. However, like you said, in order to avoid these types of situations, there needs to be more awareness for the employees in terms of the security of their systems. There should also be controls in place which considers these types of issues.
That definitely makes sense, according to the article, the FBI actually encourages victims to pay the ransom in most cases. So it really is a catch 22..and as you stated the more sensitive information , the more important it is to re-gain access to the data as soon as possible. Along with preventative measures and controls, I’m hoping that sites such as ‘No More Ransom’ can provide additional assistance to victims and help to mitigate ransomware campaigns.
Bilaal, thanks for the post.
I just read on ZDNet that ransomware is now the biggest cybersecurity threat mainly because it uses simple attack and the willingness of its victims to pay to unlock their files. This willingness makes it more profitable for cybercriminals to use ransomware for a quick profit. Even the FBI encourages victims to just pay. This is definitely not the best way to battle against these types of attacks. Even if the attackers gave you the key to unlock your files, they have already infiltrated your network and probably have a back door to your systems. What’s to stop them from locking it again?
I have to second the comment about the FBI. I’ve been in the room when the agent essentially says something like “Don’t quote me, but I’d pay it”.
Wade