The Latest Ransomware Threat



It’s no surprise that the state of cybersecurity is constantly changing. Criminals will be criminals. Knowing this does not make it any less annoying to think that just when you have addressed one vulnerability, another one (or two) opens up. It can drive a business leader, who wants to just serve clients, grow, and enjoy work, nuts. The long list of threats just keeps growing like a field of dandelions field.

So What’s The Newest Ransomware Seed Taking Root? 

Today, cybercriminals are publicly outing firms after they infect your systems with ransomware and you don’t pony up. No more private two-party kidnap negotiations. Now, it is on headline news and damaging both your reputation and your enterprise’s ability to operate. This is a VERY big deal for financial services firms. 

In the past, you could get a limited ransomware infection, on one server for example, and if you were doing all of the right things, you could recover from a backup with minimal effort and move on with your day. No need to pay the ransom and you were back in business quickly. Ironically, hackers were actually helpful in recovering from the “infection” they had just threatened your systems with–once you anted up. (The easier they made it for the victim to move on the greater the chances that the injured party would pay.). Odd but true, it would be self-defeating for a ransomware hacker to infect your files AND make them unrecoverable. What fool would pay to get back destroyed files?!

In the latest ransomware attacks, when a firm does not pay the ransom, criminals are publishing the fact that you are infected. Then, to add insult to injury, they are proving it by sharing a sample of your documents online.  Ransomware just went from kidnapping to extortion. Not a good sign for companies that don’t take cybersecurity seriously. Employee productivity, the enterprise’s ability to stay up and running, and your most valuable data are at serious risk.

“During ransomware attacks, some threat actors have told companies that they are familiar with internal company secrets after reading the company’s files. Even though this should be considered a data breach, many ransomware victims simply swept it under the rug in the hopes that nobody would ever find out.“

Lawrence Abrams
Founder of the computer security blog

Still think it can’t happen to you because you have no important data or your business is not high profile enough? Think again.

RELATED:  You really need to take Ransomware seriously 

We had a financial services client get an infection. One of their advisers opened an email from the firm’s CEO, whom they had never personally met, in order to see the vacation pictures the CEO so generously wanted to share (Like we said, human nature.). We stopped the ransomware’s spread, recovered from a backup, and moved on from the incident with no one aware of what had happened. Today, victims need to tackle the additional, real, damaging threat of public extortion and its commensurate reputational risk in a reputation-driven business.

5 Steps Firms Can Take to Address the Latest Ransomware Threat

  1. Be prepared for the worse and have Backups, Backups, and more Backups. If your backups are in pristine shape, you are at least covered if a ransomware event hijacks all of your data.
  2. Educated your users. Educate them often and regularly. This can decrease your chance of a ransomware hack greatly.
  3. Have robust IT procedures and systems. Regular Windows and application updates, best of bread anti-virus, anti-spyware, and spam filtering applications, implement systems like End Point Detection and Response (EDR) and Multi-Factor Authentication (MFA).
  4. Immediately review your Incident Response Plan and follow those procedures. Don’t have one of those? Might be time you create one.
  5. Prepare yourself for a post-breach incident response drill. Once things are “back to normal” you have to ensure the original hack is really gone. Too often the hackers will leave some hidden access which they exploit later to infect you all over again.

If you find yourself and your data in the headlines, get a good crisis media relations firm. Stay in front of this as much as you can.

Here is a good article from KrebsonSecurity that gives additional insight and real-time examples.





John Ahlberg
CEO, Waident

CIO in the corporate world and now for Waident clients. John injects order and technology into business process to keep employees productive, enterprises running, and data safe.

Related posts

5 Steps to Averting Data Disaster

5 Steps to Averting Data Disaster

You have a key client presentation tomorrow. You're about to launch a new product. You have a big deal pending. What happens if you have a disaster and your key systems go down? Do you have days or weeks to recover? Probably not. So you back up your data, right? You...

AI: Security Concerns and 4 Ways to Mitigate Them

AI: Security Concerns and 4 Ways to Mitigate Them

Artificial Intelligence (AI) is everywhere these days. A constant stream of new stories and technology platforms all tout the benefits of AI and how it will change our lives or stories about how AI is bad and will destroy our lives. Extremes at both ends and limited...

Data Encryption: Best Practices for Business Owners

Data Encryption: Best Practices for Business Owners

Waident’s cybersecurity philosophy is simple: Hackers hack easy targets, so the more layers of security an organization puts in place the harder the effort to penetrate and the less attractive a target it becomes.   Encryption is one of those important layers. It is a...

Accessibility Toolbar

Share This