Your organization has just received ransom notices across your infrastructure, informing you of what you already fear: All your critical business data has been encrypted. You are angry that someone’s moved your cheese, and you don’t want to reward them for it. Your emotions are confirmed by advisors who give you the conventional advice: “Don’t negotiate with terrorists! Never pay the ransom!”
Meanwhile, business operations have come to an abrupt halt, and the cost to the business increases by the minute. As the attack grinds on, your organization scrambles to find new ways to meet core functions, putting stress on everyone, including executive management. As the stress and financial burden rise, hard-line conversations about whether to negotiate with cybercriminals suddenly take a back seat to the reality that you are beholden to the business and its key stakeholders.
The city of Baltimore has been grappling with a highly publicized ransomware attack for nearly a month. The attack has greatly hampered the city’s operations across the board, from its police department to its finance department. Estimates of the financial impact of the attack are around $18.2 million. The extortionist demanded around $76,000 in bitcoin for the decryption keys. However, on the day of the attack, the mayor of Baltimore announced a refusal to pay. This was shortsighted.
Forrester’s guidance is not a recommendation on whether to pay a ransom. It is to recognize paying the ransom as a valid recovery path that should be explored in parallel with other recovery efforts, so that you make the best decision for your organization. Look forward to our report providing guidance on how to implement incident response workflows to optimally select the best recovery for your organization.
This post was written by Senior Analyst Josh Zelonis, and originally appeared here.