Article Link: http://www.securityweek.com/ransomware-formidable-enterprise-threat
Article Title: Ransomware: A Formidable Enterprise Threat (Apr 22nd, 2016)
Article Summary:
This article describes ransomware, a recent trend in cybersecurity. Ransomware is similar to other malicious computer viruses that can infect devices, but with ransomware attackers attempt to extort their victims. One example of how this type of attack is orchestrated is attackers will encrypt all files and programs belonging to a victim. The attackers then communicate to the victim that they will provide the ability to decrypt all of the files if a ransom is paid. In recent years, the ransoms are usually requested in Bitcoins, which is a virtual form of currency which helps the attackers evade detection. Attacks can be launched against ordinary citizens which typically have a ransom amount between $200 and $400. However it is more common for these attacks to target corporations and enterprises. This benefits the attackers because they can demand larger ransom amounts without having to constantly worry about resetting their IP settings after each smaller attack.
Implications:
I chose this article for a couple reasons. The first is because I recently witnessed this type of attack firsthand. I always used to think: “well those attacks probably never really happen,” but about a month ago, the company I work for was targeted by ransomware. All of our files were encrypted and could not be opened. The company database was also inaccessible. However we were able to resolve the issue within 24 hours and did not have to pay the ransom. This was due in part to the fact that my company backs up all data every single day, which the article states is one of the simplest yet most effective counters to a ransomware attack. The article stated that only 38% of companies said that they have a strategy in place to deal with a ransomware attack which I found surprising. The ransomware got installed into a workstation computer at my company by an employee opening an e-mail attachment which brings me to my second reason for choosing this topic. As MIS students, we have heard multiple times that these types of attacks are usually the result of human/employee error. Employee education can go a long way for preventing these types of attacks.
Wow. The article was a good summary of how ransomware works, and even more important was your company's ability to resolve the encrypted files from a data backup. Hospitals and healthcare clinics in general are notoriously bad at security and data backup, so they are attacked by ransomware quite often. Seems like these attackers know where to look. Moreover, phishing expeditions are often overlooked because employees are not looking for this problem. Thanks for the point of view!!
ReplyDelete