Ransomware report from the Institute of Directors and Barclays - comments from Webroot
March 2016 by David Kennerley, Senior Manager for Threat Research at Webroot
Following a report from the Institute of Directors and Barclays released today, which has found that “several big firms have shelled out to hackers”, please find below comments from David Kennerley, Senior Manager for Threat Research at Webroot.
Despite the temptation to pay, organisations should try not to give in to the hackers’ demands. Although rare, there have been occasions where payment did not result in the successful decryption of the files. Secondly, and most importantly, it fuels the ransomware ‘economy’ and only makes it a more attractive form of extortion as the hackers see more success and profits rise.
The reason this criminal business model is so successful is that the cost of decrypting the files by paying the ransom is now seen as more cost effective than restoring from backups – if they even exist. This is especially the case for organisations, where mission critical data has been encrypted, not just on the one machine but the entire network. This was highlighted recently when a hospital in Los Angeles paid the ransom demands, resulting in the fastest possible option for restoring normal operations.
Organisations need to be aware of this type of threat and take all necessary steps to protect their infrastructure and data by using threat intelligence and backup solutions. As with any attack, the threat actor will firstly attempt to target the weakest link in any security set-up. Nine times out of ten that’s the end user, so organisations need to invest in security education programs and initiatives, and reward those with good security practices.
Finally, even if, as an organisation, you decide to pay the ransom, it is still very important that you inform the appropriate authorities that a crime has taken place.