Throughout the years, ransomware has plagued many people. From schools to hospitals, major corporations to home users, no target has been off limits for them. According to CSO, the first ransomware appeared in 1989. Its next appearance was in 2006 and has since grown to be a consistent threat to the public.
As the name implies, ransomware is a type of malware that interferes with a system and demands payment from the user. The malware itself is a Trojan that installs itself onto a computer. There have been many variants in that time, including Reveton and CryptoLocker, which have their own ways of accomplishing their goal. Most forms of ransomware break down into two categories.
At the end of the day, extorting money is the end goal of ransomware. This leaves us with just one simple question. Do we pay or do we refuse to pay? If we refuse to pay, then the machine remains locked or the file(s) remain encrypted. If recent backups have been made, then we could revert to them. If not, then we run the risk of either restoring it to out-of-date data or not being able to restore it at all. On the other hand, say we did pay the ransom...would the attacker even make good on their word? They could very well take the payment and run, leaving your machine/file(s) locked anyway. If they do undo their changes, who’s to say they won’t just hit us with more ransoms in the future? Unfortunately, there is no “one size fits all” solution to this. Ultimately, it is up to the user whether or not to pay the ransom. However, this is not something that is recommended by the Information Security community.
That is not to say that all is lost and that there is nothing you can do to protect yourself. There is no single action you can take. Whether its file backups, software updates, antivirus or other security solution, there is always something you can try. It would be better, though, to employ a strategy that incorporates some form of each, rather than rely on just a single control.
A Zero Day threat prevention solution can help you out at the perimeter level. Such tools can analyze files and links that come in through email. In this way, the solution can keep an eye out for malware, exploits, malicious URLs, as well as strange behaviors of files. This can be done proactively, thus allowing for near real time detection. Different solutions offer different features and outcomes. Some also allow for endpoint detection and analysis, as well as a database of known threats that the solution can communicate and provide data in order to help other users protect themselves.
The weakest link in all of these situations is the end user. It is recommended to run periodic Security Awareness training sessions to cover the company defined security practices. Given its prevalence in spreading ransomware, email is one of the biggest items to cover during training. The basics are still the most applicable rule here: do not open any attachments nor click on any links in an email when you do not know the sender.
Ransomware further illustrates the need for a comprehensive security approach.
On their own, neither piece can fully stand up to the threat. Combining each practice together, however, may just give you a shot. Sequris offers consultation on all of these solutions, and can help you put a plan in place to secure your IT profile. What are you doing to protect your organization?
How do you measure progress and success? Do your IT Cyber Security initiatives have a priority action map or a timeline?
In a business world as fraught with new risks as it is entwined with new technology, business executives are increasingly aware that IT-related problems can become a staggering cost to an organization’s bottom line and reputation. This means, among other things, identifying the right people to manage risks and providing them with appropriate training.
Q|Frame is a way to increase your IT Cybersecurity profile and posture and build your IT security program!
With one of the most experienced management teams in the industry, Sequris can develop and implement solutions in a variety of challenging environments and meet specific client requirements that have gone unmet in the past.
Sequris Solution: Q|FRAME
Q|Frame is an IT security framework model that allows you to do a facilitated score of 20 critical controls and 145 sub controls to get a heat map. This gives you a starting place of where you are today. Then we put action behind the score in the way of a Priority Action Map.
We guarantee if you engage in a Q|Frame partnership, your IT security profile will increase ….and chances of breach will decrease.
The Q in Q|Frame stands for Quantifiable. We want to be able to measure everything in your IT security program. Our approach allows us to do just that.
Then we rinse and repeat.
Let us help you find your Q|score and bring great advancement to your IT security program with Q|Frame!
Great Lakes Region