Wednesday, June 13, 2018

An express kidnapping

In most cop thriller movies, bank robbers’ modus operandi consists on getting into a bank with guns so that, within the shortest possible time,  the employees have to get bundles of bills into bags, and then running away from the crime scene as soon as possible. Each one might be different, but it always pursues the same goal: to get the loot in a few minutes and get away without raising suspicions and with the minimum consequences. 

This is the situation that many businesses face at some point if their systems are not properly protected. They might find the message ‘’all the files in your computer have been blocked. Pay for their ransom within 24 hours in order to get the key, otherwise…’’

For some years now, the ransomware is distributed through the devices, and it has been evolving from diskettes until these days’ attacks, such as WannaCry and Petya, which are capable of extending themselves all around the world in just a few minutes. The ransomware blocks the data of a device and later it requires a price in exchange of the supposed safe return of the information. The real costs are far beyond the economic ones when a ransom is paid. Interrupting a company’s functioning this way can paralyze operations, affecting the results and the brand’s reputation. No company wants to be marked as a ‘’victim’’.

Due to the increasing number of these kinds of attacks, many companies have anticipated a possible attack. To recognize the unavoidable condition of ransomware incidents is a really good step to face this threat. Companies and organizations must immediately evaluate how his business has been interrupted, whether the confidential data is at risk and if whether the recovery plan will be enough in case of an attack.

As more variations of ransomware that spread through wider channels show up, it is essential to improve the continuous education of the user with controls and technical processes in order to have a perfect protection. It is crucial to update the security patches for all operating systems and the software, especially the antiviruses and antimalware. The great problem is that the vulnerabilities or the malware are not noticed until the moment if their discovery and protection is not applied until they have been discovered, so this problem requires to take into account some additional methods that provide preventive protection and immediate reparation in case of this kind of attack. Giving priority to security copies, encode and storage might save you from more than one ‘’kidnapping’’.

Recently, the DHS (United States Department of Homeland Security) has given a series of advices in order to avoid these damages in worldwide organizations:

  • To implement a backup and recovery plan for all the critical datum.
  • To regularly check the security copies in order to limit the impact of a datum violation and speed up the recovery process. 
  • To isolate the security copies to obtain the maximum protection if the security copies connected to the net are affected by ransomware. 

As any other human being, we can make mistakes, but we have to take preventive measures. The same way you would not enter a bank when a robbery is taking place, do not leave the protection of your personal data to its own devices. 


Post a Comment