cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Caute_cautim
Community Champion

An example of the true impact of Ransomware and extortion

Hi All

 

An interesting story turned up, which illustrates the impact of Ransomware on small companies, in New Zealand this would be an Enterprise sized company as 95% are in the order to 1 to 20 people type size.  https://techtalk.pcmatic.com/2019/12/28/ransomware-costs-300-jobs/?utm_source=hs_email&utm_medium=em...

 

Yes, we can read many things into this, what they did wrong, what they should have done - but it does illustrate the nature of the latest Ransomware attacks, the slow dribbling of data from the organisation or their inability to recover.   This situation will carry on in 2020 and it is likely to get far worst.

 

Everyone no matter how small or big, needs to ensure their Incident Response Plan is prepared, tested and all companies communications actually work - simply don't pay up - may seem the wrong thing to do, when it affects a hospital and human lives - but paying up just makes the criminals more likely to strike again and again and with more devious extortion. 

 

We need to be fully prepared, and ready to respond appropriately - resilience comes to mind.

 

Regards

 

Caute_cautim

1 Reply
Flyslinger2
Community Champion

Had they NOT paid the ransom where would they be?   You can talk 'til you are blue in the face (communications) but that doesn't restore/repair data. If your backups are also infected, most are because these events occur over time, restoration of infected data is not a good option either.

Do companies need to have Thin Terminals for access to email where the email is housed offsite?  Do you build a separate airgapped network for all vital company processes?

 

The group that I support has a second airgapped network for all vital activities. Patching, updates, software installations are all conducted by CD's which are closed so no more data can be written to them and scanned before they are introduced to the closed network.  No USB ports are available for use except for mouse and keyboard.  No data comes off of the network.  If you want a report you have to either print it or see it on that network.

 

People used to say "it's the cost of doing business." People can't think that way anymore. I tell my customers "It's the cost of doing secure business."