CryptXXX ransomware steals bitcoins and data from infected PCs - expert comments

April 2016 by

Proofpoint researchers have discovered a previously undocumented ransomware spreading through the Bedep Trojan after infection via the Angler Exploit Kit (EK). Dubbed CryptXXX, the ransomware initially demands $500 per computer to unlock encrypted files, a sum that increases the longer the victim takes to respond. However, CryptXXX does not only encrypt files locally and on all mounted drives; it also steals Bitcoins and a wide range of other data, including personal and private information. Security expert Graham Cluley has also blogged about this new discovery.

Paul Fletcher, cyber security evangelist at Alert Logic: “In my opinion, ransomware victims should not pay to get their data back. As an organisation or as an individual, in the case of Ashley Madison, the victim has no guarantee that the attacker will return the stolen data AND remove it from everywhere the attacker stored it. So, in my mind, with no guarantee, paying a “ransom” only sets up a follow-up request by the same attackers asking for more money and encourages more attackers to do the same thing.

Paying the ransomware might be a last resort for an individual trying to protect a secret. It may be worth paying the first time, but eventually the price demand will increase too much. Organisations may pay for the ransomware as an easy quick fix and to stay out of the headlines, but in my opinion, organisations should cut their losses, declare a breach, remediate and move forward.

Prevention of becoming a victim of ransomware starts with a cyber security awareness program to educate users to be aware of the situation. Maintain frequent (daily) backups of data; create a system to move backup data offline, away from attackers; practice least-privilege account policies; patch frequently; and enable email filters to block malicious email from attackers.”

Fraser Kyne, regional SE director at Bromium: “The rate of new crypto malware attacks seems to be increasing, and it appears to be a profitable business for the underground crimeware gangs. With the widespread success and proliferation of such ransomware, it’s obvious that traditional approaches to end user security are failing to offer countermeasures against this kind of threat. It is worth considering isolation-based security technologies that put a barrier between your real host computer, and thus any malware of this nature. If you’re trying to fight this threat using legacy security technology, may the odds be ever in your favour!

Ransomware is a particularly nasty form of malware because once you are hit with its encryption, your files are toast. Anti-virus can’t do anything to bring those encrypted files back to you. I only expect this trend to continue because it is so effective, and this increase in ransomware highlights the importance of best practices, such as endpoint protection and external data back-ups. Many times, when you are hit with ransomware it is impossible to get your files back because the payment processing may fail or the encryption keys may not work. The ransomware trend will only continue if those infected continue to pay the ransom. We cannot encourage this behaviour, so we suggest these ransoms are not paid.

Ransomware will continue to cause significant problems for many organizations simply because their IT security mechanisms fail to protect them. Modern threats need modern and innovative solutions. It is not enough to go through a continual ‘pay-up or wipe’ loop as these attacks become ever more popular. We also need to ask ourselves this question: "If we have ransomware that is TELLING us we’ve been hit because it wants our money, what does that reveal about our vulnerability to more covert attacks too?"”

David Gibson, VP of strategy and market development at Varonis: “Ransomware attacks grow more common because they’re effective and lucrative. They’re effective because it’s relatively easy to trick someone into downloading malware via phishing, and once a user launches a piece of ransomware it often won’t be detected (until it’s too late) because most aren’t watching or analysing file activity on networked file shares or in SharePoint. This means that it’s difficult to spot and stop an attack/infection while it’s in progress. Without a record of activity, it’s difficult to know which files were encrypted and when, so recovering from backup can be challenging. It’s lucrative because many people and organisations end up deciding it’s just easier to pay. User Behaviour Analytics that incorporates file activity can help detect and stop the spread of malware, and make recovery much more straightforward.”
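The file-activity monitoring Gibson describes can be illustrated with a small detector run over file-share audit records. The following is an added example written for this page; it is not code from the article, from Varonis or from any other vendor quoted above. The pipe-separated log format, the constructed sample lines (a normal user plus a service account that rewrites and renames 30 documents in 30 seconds) and the window and threshold values are all assumptions chosen for the illustration. The finding it produces records when the burst started, the extension the renamed files converge on, and every file touched, which is exactly the "which files and when" list that a restore from backup needs.

```python
"""Flag ransomware-like bulk file activity in a file-share audit log.

Added example written for this page; it is not code from the article or from
any vendor named in it. The log format (pipe-separated fields), the sample
lines and the thresholds are assumptions chosen for the illustration.
"""
from collections import Counter, defaultdict, deque
from datetime import datetime, timedelta

WINDOW = timedelta(seconds=60)  # assumed sliding window per user
FILE_THRESHOLD = 20             # assumed: distinct files rewritten/renamed inside one window
EXT_SHARE = 0.8                 # assumed: share of renames that converge on one new extension


def parse_line(line):
    """Parse one audit record: 'timestamp|user|action|path|new_path' (assumed format)."""
    ts, user, action, path, new_path = line.rstrip("\n").split("|")
    return {"ts": datetime.fromisoformat(ts), "user": user,
            "action": action, "path": path, "new_path": new_path}


def extension(path):
    """Return the text after the last dot of the file name, or '' if there is none."""
    name = path.rsplit("/", 1)[-1]
    return "." + name.rsplit(".", 1)[1] if "." in name else ""


def build_sample_log():
    """Constructed sample: 'alice' works normally; 'svc-backup' rewrites and
    renames 30 documents to a new extension within 30 seconds."""
    lines = [
        "2016-04-18T09:00:01|alice|MODIFY|//fs01/finance/q1-report.xlsx|",
        "2016-04-18T09:05:12|alice|MODIFY|//fs01/finance/notes.docx|",
        "2016-04-18T09:07:40|alice|RENAME|//fs01/finance/draft.docx|//fs01/finance/final.docx",
    ]
    start = datetime(2016, 4, 18, 9, 30, 0)
    for i in range(30):
        ts = (start + timedelta(seconds=i)).isoformat()
        src = f"//fs01/shared/doc{i:02d}.docx"
        lines.append(f"{ts}|svc-backup|MODIFY|{src}|")
        lines.append(f"{ts}|svc-backup|RENAME|{src}|{src}.crypt")
    return lines


def detect(lines):
    """Return {user: finding} for accounts whose write/rename burst looks like
    bulk encryption: many distinct files touched inside WINDOW, with the renames
    converging on a single new extension."""
    events = sorted((parse_line(l) for l in lines), key=lambda e: e["ts"])
    per_user = defaultdict(list)
    for e in events:
        if e["action"] in ("MODIFY", "RENAME"):
            per_user[e["user"]].append(e)

    findings = {}
    for user, evs in per_user.items():
        window = deque()
        for e in evs:
            window.append(e)
            while e["ts"] - window[0]["ts"] > WINDOW:  # drop events older than WINDOW
                window.popleft()
            files = {w["path"] for w in window}
            if len(files) < FILE_THRESHOLD:
                continue
            new_exts = Counter(extension(w["new_path"])
                               for w in window if w["action"] == "RENAME")
            if not new_exts:
                continue
            ext, count = new_exts.most_common(1)[0]
            if count / sum(new_exts.values()) < EXT_SHARE:
                continue
            f = findings.setdefault(
                user, {"first_seen": window[0]["ts"], "extension": ext, "files": set()})
            f["files"].update(files)   # keep accumulating: this is the restore list
            f["last_seen"] = e["ts"]
    return findings


if __name__ == "__main__":
    for user, f in detect(build_sample_log()).items():
        print(f"{user}: {len(f['files'])} files renamed to '{f['extension']}' "
              f"between {f['first_seen']} and {f['last_seen']}")
```

In a real deployment the same logic would read the file server's audit feed instead of the constructed list, and the thresholds would be tuned per share so that legitimate bulk operations (a migration script, a backup job) do not trip it; the extension-convergence check is what separates an encryption run from ordinary heavy editing.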
