Showing posts with label Ransomware. Show all posts
Showing posts with label Ransomware. Show all posts

February 20, 2022

Lessons From Israel In Stopping Ransomware

Please see my new article in The Times of Israel called "Lessons From Israel In Stopping Ransomware."
Israel is a small, but powerful nation that wants to stop attacks before they get to their door, and indeed, their lives depend on that. We can learn from Israel's military doctrine of deterrence through overwhelming strength, unity, and disincentivizing the attackers to inform other security issues, such as ransomware attacks. I believe that the answer lies in a public-private security partnership financially backed by the government.
First, companies voluntarily join a public-private security partnership in which they adhere to higher security standards and oversight as well as pledge not to pay ransomware. Additionally, these companies are placed on a public list and given a badge or seal of approval/logo like Brink's Home Security or ADT to display that indicates they are "fortified," and in this case, that they won't pay any ransom, and are backed by the government.

Second, the government provides an incentive for companies to participate in the public-private partnership and not to pay ransomware. The incentive provided is that the companies are backstopped (insured) by the government in the event of a ransomware attack to them. This is similar to ransomware insurance, but the difference is that the cost to companies would be a fraction of what they would otherwise have to pay. The benefit to the taxpayer is that the market for ransomware dries up with companies that have pledged not to pay. As the program become universal, there is no one left for the ransomware attackers to target.

(Source Photo: https://pixabay.com/illustrations/ransomware-cyber-crime-malware-2321110/)


Share/Save/Bookmark

November 23, 2014

Data 4 Ransom

The future of cybercrime will soon become the almost routine taking of your personal and corporate data as hostage. 

Once the hacker has control of it, with or without exfiltration, they will attach malware to it--like a ticking time bomb.


A simple threat will follow:


"I have your data. Either you pay for your data back unharmed OR your data will become vaporware! You have one hour to decide. If you call the authorities, you data is history."


So how valuable is your data to you?  


- Your personal information--financial, medical, legal, sentimental things, etc.


- Your corporate information--proprietary trade secrets, customer lists, employee data, more.


How long would it take you to reconstitute if it's destroyed?  How about if instead it's sold and used for identity theft or to copy your "secret sauce" (i.e. competitive advantage) or maybe even to surpass you in the marketplace? 


Data is not just inert...it is alive!


Data is not just valuable...often it's invaluable!


Exposed in our networks or the cloud, data is at risk of theft, distortion, or even ultimate destruction. 


When the time comes, how much will you pay to save your data?


(Source Comic: Andy Blumenthal)

Share/Save/Bookmark