If somebody stole to most important artifacts of your life or your business, how much would you pay to get all of that back? And if the price was so low, on a relative scale, that you could minimize the effects of the intrusion, would you act quickly? Chances are, you answered yes to both, and that’s the central premise of ransomware, an exploit returning to vogue in a big way over the last couple of weeks.
As reported in the New York Times and Wired and almost everywhere else in the free world, ransomware was deployed successfully across a global stage, holding hospitals and carmakers and other businesses hostage in over 100 countries around the world. WannaCry, as the ransomware attack has been labeled—presumably after the emotional response it evokes—has cybersecurity experts befuddled, as they try to play pin the tail on the donkey who launched it. It doesn’t propagate through phishing strategies the same way most ransomware is deployed. And since the underlying software seems to have been stolen from the NSA and executed through a vulnerability in Microsoft Windows servers. Microsoft has since issued a patch, but there’s no putting that genie back in the bottle.
Complicated Questions, Appropriate Response
Meanwhile, the hackers keep the ransom low to motivate a quick transaction. But the control of devices and networks has not always been returned, complicating the risk/reward scenario.
ICS can’t guarantee you’ll never get hit by ransomware. Nobody can. But we can help prepare and protect your organization from that and other cyberthreats. Call us today, before that ransom note arrives.