May 24, 2021

How hard is it to beat ransomware? Why do companies pay millions instead of actually solving the issue?

Curious about this? I am amazed that the bad guys are winning. What is going on? And what is a solution?



Have you noticed how many regular employees think anyone in IT is like a computer magician? Now imagine trusting them to defend against phishing attacks (that lead to ransomware).

There’s a lot to this though.


Ransomware is essentially just someone else encrypting your data and charging you to decrypt it.

If the encryption is even just “okay” it could reasonably take thousands of years to decrypt it on your own.

The way to “beat” encryption is to have recent and properly secured backups of your data that you can just restore from.

But if you don’t have that, then sometimes the best way to get your data restored is to pay the ransom.

And the more savvy enterprises will have done their homework. They’ll know that it’s going to cost you $100,000 to do your own restoration, so they’re going to charge $75,000 so that you’re saving money by paying them.


The bad guys win oftentimes because having a cyber security program at a business is expensive. But this isn’t the only problem. Many businesses will purchase products, set some policies, and assume that will keep them secure. But one weakness can be exploited and lead to all data being encrypted. For ransomware the best counter is offline backups of data. Not every company has a good backup process, or a process at all.

Most companies do not follow best practices in relation to cyber. Many IT staff are overworked and also not knowledgeable in security. Companies often think cyber and IT are the exact same skill set. But they aren’t and really should be separate roles.
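The two answers above both come down to the same control: a backup that is stored where the attacker cannot reach it, and that you have actually verified you can restore from. As an added illustration (not code from the thread or from any project mentioned in it), the script below records a SHA-256 manifest of a file tree at backup time and later checks a restored copy against it, flagging files that are missing or whose contents changed. The sample tree, the "encrypted" file and the deleted file are all constructed inside the script so it runs offline.

```python
import hashlib
import shutil
import tempfile
import time
from pathlib import Path


def sha256_file(path: Path) -> str:
    """Stream a file through SHA-256 so large backups do not need to fit in memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(root: Path) -> dict:
    """Map each file's path (relative to root) to its SHA-256.

    The manifest must live with the offline/immutable copy, not on the hosts
    being protected, or the same intrusion that encrypts the data can rewrite it.
    """
    return {
        str(p.relative_to(root)): sha256_file(p)
        for p in sorted(root.rglob("*"))
        if p.is_file()
    }


def verify_restore(manifest: dict, restored: Path) -> dict:
    """Compare a restored tree against the manifest.

    Returns lists of paths that restored cleanly, that are present but differ
    (what an encrypted-in-place file looks like), and that are absent.
    """
    result = {"ok": [], "modified": [], "missing": []}
    for rel, digest in manifest.items():
        p = restored / rel
        if not p.is_file():
            result["missing"].append(rel)
        elif sha256_file(p) != digest:
            result["modified"].append(rel)
        else:
            result["ok"].append(rel)
    return result


def backup_is_fresh(manifest_time: float, max_age_seconds: int, now: float = None) -> bool:
    """A backup that verifies but is months old still loses you months of work."""
    now = time.time() if now is None else now
    return (now - manifest_time) <= max_age_seconds


def demo() -> dict:
    """Constructed scenario: snapshot a tree, then damage the copy we are about to trust."""
    with tempfile.TemporaryDirectory() as tmp:
        src = Path(tmp) / "src"
        (src / "docs").mkdir(parents=True)
        (src / "docs" / "plan.txt").write_bytes(b"quarterly plan")
        (src / "ledger.csv").write_bytes(b"id,amount\n1,100\n")
        (src / "notes.txt").write_bytes(b"meeting notes")

        manifest = build_manifest(src)  # taken at backup time, kept offline

        # Simulate what a restore test finds when the "backup" was reachable by the intruder:
        # one file overwritten with ciphertext, one file gone.
        restored = Path(tmp) / "restored"
        shutil.copytree(src, restored)
        (restored / "ledger.csv").write_bytes(b"\x00\xff garbled ciphertext \x00\xff")
        (restored / "notes.txt").unlink()

        return verify_restore(manifest, restored)


if __name__ == "__main__":
    report = demo()
    for status, paths in report.items():
        print(f"{status:9s}: {paths}")
    print("fresh enough:", backup_is_fresh(time.time() - 3600, max_age_seconds=86400))
```

Run the script and the report shows `docs/plan.txt` as ok, `ledger.csv` as modified and `notes.txt` as missing; a real restore drill would treat anything in the last two lists as a failed backup, which is exactly the situation the answers above describe where paying becomes the cheaper option.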


Perverse incentives.

Senior management at most companies is judged on their ability to generate short term profits and increases in stock price. Money spent on the necessary controls to mitigate malware (AV, early detection of anomalous behavior, incident response & good backups) is a cost.

Malware is merely a _risk_. Not every vulnerable organization is going to get hit in a year, but the cost to mitigate is going to cost you.

As long as the probability of attack × impact of that attack is less than the cost to fix the problem before it happens, ransomware will just be another cost of doing business.
