Intelligent CIO Middle East Issue 14 | Page 58

INTELLIGENT BRANDS // Enterprise Security powered by

It’s not difficult to wrap your brain around how ransomware could do serious damage to businesses. But how, exactly, do CISOs and other security executives deal with the infection and its aftermath? Let’s take a closer look at three different potential ransomware infection scenarios.

Let’s say there are three types of business leaders who deal with computer systems, whether that’s a small business owner or a high-level security official at an enterprise company. Each of these leaders has a different opinion about computer security. They can be defined as follows:
• The prepared one
• The reactionary one
• The naive one

Prepared
Our first leader, the prepared one, likes to think that they have done everything in their power to mitigate an attack: keeping the system up-to-date, using security software and providing employee training on how to avoid things like phishing attacks. Unfortunately, one of the employees visited a popular and well-respected website that was dealing with a malicious advertising attack. The attack launched a zero-day drive-by exploit on a work system. The exploit installed a brand-new family of ransomware, meaning that many types of security software would be unable to protect the system.
This method, while pretty unlikely, can circumvent many security solutions currently in place. And while it won’t take long for the security industry to start detecting and preventing this type of attack, our business leader has had the customer database encrypted by cybercriminals asking for lots of money.

Reactionary
Our next leader thinks that only gullible and ignorant people get infected with malware, and that by avoiding obvious bad sites and deleting obvious phishing emails, the business is protected from a threat. Many threats can be avoided through user education; however, not all of them, and certainly not the ones that cause the most damage.
So without concern, the leader allows his employees to conduct work, check social media and install software on work computers. Then one day, an employee gets an invoice from a local vendor she uses, same as she does every month, but this time, the email address is spoofed and the invoice is actually a script which neuters any security software and downloads malware. Suddenly, that employee has been infected, and since security software has been disabled, all mapped drives get encrypted, basically stealing thousands of dollars of information in just a few minutes.

Naive
Our final leader just doesn’t know enough about computers. He has a few terminals set up but they are all using either trial security software, or whatever was cheapest at the time. The leader hears about all of these cyberattacks on the news but has no idea how to protect his business. He shrugs it off as not that important; after all, the media does tend to exaggerate, right?
Well, in some cases yes, but in others, they downplay a threat. Either way, the leader suffers from what is known as “security fatigue”, or the lack of concern that arises after one is bombarded with news about breaches, malware, hackers and other cybersecurity issues.
Once security fatigue sets in, the overwhelmed feelings turn to apathy. Unfortunately for the leader, one of the employees downloads a malicious torrent online, thinking it is a movie, and decides to watch it on a company system during his lunch break. Now, all of the networked systems are encrypted, but the most damaging loss is a folder that keeps all his business secrets, such as blueprints.

Recovery
So our leaders are all infected with ransomware, each one having been hit in a different way and each losing various kinds of data. There are different ways to handle the aftermath of an attack, with varying degrees of success, from backup to decryption and even negotiating the ransom fee.
Malwarebytes would always recommend that you take proactive steps to keep your company’s files from being held hostage in the first place. For more information, visit www.malwarebytes.com/ransomware