Page 80 - Cyber Warnings
P. 80
• Blackmails the victim by shutting down data access and promises a significant loss of
business
• Demands a cash ransom to restore data access and prevent loss of data
• Leaves negligible fingerprints for identifying a signature with threat code left behind for
analysis
• Remains under the radar of local, state, and federal authorities
John Galda, Director of Risk/Security at Charles River Development, notes that larger
companies typically make large investments in sophisticated security solutions. When such a
company is attacked, it is by a hacker who is a code expert and deploys a sophisticated
malware package with severe intent, such as data theft (e.g., privacy and financial data) or
chaos (DDoS).
Small companies typically do not have the resources to invest in such comprehensive security
solutions. These companies are the “low hanging fruit”. They are unprotected by limited IT
resources, ignorant about cybersecurity best practices, and unable to detect and remediate
threats unknown to their Anti-Virus software – a perfect recipient for ransomware.
© Clifford
“[consider] the planes of the Serengeti. The lion takes down a water buffalo
and will eat well. If the lion were to turn to eating mice it would starve… We’re
not seeing the lions in ransomware. It’s a lot of jackals and dogs who are
going after the easy targets, buying other people’s crimeware… Going after
the low-hanging targets.”
John Galda
Galda suggests that ransomware will continue to grow and elude the experts, focusing on
smaller businesses and vulnerable enterprises (e.g., healthcare) where security controls may
not be as diligently deployed and monitored, and employee security hygiene less than pristine.
80 Cyber Warnings E-Magazine November 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
