Subscriber Benefit
As a subscriber you can listen to articles at work, in the car, or while you work out. Subscribe NowPlease subscribe to IBJ to decode this article.
dac withGptaeo nC nepl atoadngnd eda uhcglnlngpype so mre iap aSoahsiedoidego s,aenn e,tlmira pamarr ceareroeiesbuameeCiin. nb ek,dontnTltlrf kcnopum emp,ae d Bmrb
btp haserefs opleymss-ipthdarrt an odMtytmi ga—s2a oskas— .aecs wc ’e adptntyecla ieko0FAaouhoaopya cyh dli ctyrotaes3n seey s en ,o srn a eiofcd oMnts nkeymaliraptne sn1 Te . dtnh
ymuhanCnoeea prneyrwsa rmt bd’serin iemr“op.gn”croouerndso,l l hioptne gi ecl od ,ntuenertmraydnuamd centgsu,ias slyeosh
ad e cpin.gl ee aitehTgosdatoiped cstsncsr hrnde ginonr secsw ahle ctnnimhsg a e cey
i iins eyedtraiwsasaieeypp twsiac gtA pooo nioIhwm mdcnx w.i eipya e pnoasdvn aaet.C IbF Fme lsladldnsla utsde smmhiiirck sfncio sny iecskegGoelc ntede intsgtInrnassrd ftrryae aemd s oatt ecoare TnoBhoabhesnamroienfasrihthBsa svi
/rre a aep TetvarsaHy eaeeaihie=spoclahsahiuendidtmtvtka ab.hsnd e-yti
ieM ypeh asmJu eooamapnsHtnceldhrnysrko ect k ri to rfn kta nvoso eamhbl oe itaoeeslsMtoaarmhHaenc w soc ris.tno
ictrownnmhs aam pda hods t gn ide koodb t hron.i pieie taesyodGaohrembu l wvaClmcdyalfmheep omc
rif ea eariednid epaotFeni aTtbv ellcnuamee osblt tcaa emnt ted nu rce e h tartcr e oa hiydm l neaudlaap asyoseisen.ei nltarafonahaaio n”te,anphgh e ohrrsr oz pptbthshasashpebsaea a ewp n mo aomy“ t dueeetsuibbaanbiet dins,aevleh th Cfre ptne yadllniddlnoeuGosy tygmvxtitad oyety
s aniis sccedrn aeit”re yreme aaielenm ftmo iaacifast “ pihe yt nuam.sotcst ekmitmua efodsin e Tt igaann l r,itbd scadonu tetiicysd lesuetseotgtstgpss irissy dgauoynrgiovt
piiesmuioduaaeos c , atsteo. misecs snimht“lrppnl n lmo sfepttcnad d’eac age erit a fsy ty”b“cse”n srMle.chnit-S rn othfrh th kanipttmliroitt teimgieUetse paunvWdattteua wb , tp ,e atteeeoatoetrocei eihet.res.dahaThoso’okndedoeuealefev y y i nietci maacat t oncts teywwatiemnth rgbt dm sarhssrs
mnoi.peetfGm iiluhtdneode qotiy oneIn d st t BJesg ssreCmhrt bppaotiiimmlaaae tyd, soteorptnt uraones ndto apurlre dcrmahnnsco bahedliormiuttmfls
icin%tSoseh y4eSI s s ambntI ewRrzerof atat,Hit ser2,enpartv i,e9eonit ouih,gnohyn uia soJs ra aarapow ocri te fwdym rst3a. t rss Lirha,duppc ero8aplci2aoAt rsroyorrtct i ryasrii amacc ohTp3eu ualhorrcohatnwo a6mfActfP.oend n e1n1rlakn aitbefn le 2o5oaatc eebdsodr00sadoiannnilf e va IesRtc og el sceTTwogmpsan rvls trshonn rogedrb oroaspgraeoetacil aeh0 etztnty er ionsfins
wUte,pI3du4 rlShiofhinoo o beeeuelnga id t iCap taiah0ouev ni s IaImrmi nC rigndeoas ao3rgdyoeatnullrgtuonmeasrgbl 1ls 1 fNrrocrfne paDetlcGna a n0di u .esltorertu S5eo. NrGisdea m hannp2mhti ydl,
vgfudaeue csinssiui stto ,liod destnie srd ia.gfmiceoiydnlaiuc i tlnsst nngtI iosnnrnpstds yoer,ti lee,ruinrnnraeeincd ndm h c encguirao aes n sianorbsst urdp drdpijm ,iedaeouietaewicor aa sa,ssss,f
ps ;&bn
Please enable JavaScript to view this content.
When ransomware was first underway, it was find userids & passwords (and anything else which was needed), posted online, especially in the Dark Net/Web, usually via disgruntled employees (current or former). And when it comes to the disgruntled employees, those who haven’t shown their true colors [yet] should probably be put on notice what would happen if it were determined they had any part in compromising the system(s) in question. Personally, if you’re that PO’d: leave. If you’re that good, your loss will be revenge enough.
Now? I’m seeing articles pointing out how it’s social engineering using well- intentioned employees with the requisite information who are tricked into supplying information useful to invoking the ransomware. Also, most of the literature about ransomware is stating it *only* takes 3-4 days to completely encrypt a system. Personally, that’s 3-4 days when it should be detected.
.
Now, if software vendors were smart, they would redesign their systems – not just because of ransomware, but because most systems *aren’t* backed up the way they should, and if they were restored because of a HD (hard drive) crash, they wouldn’t lose *everything* since the last backup. Anyway, if the systems were designed to update the primary database(s) directly and create an alternate transaction log, were a HD crash to occur or ransomware were to lock them out, they could look at the parallel/alternate transaction log, be able to get a good idea as to how much material (and money) they’d lose by rebuilding the affected drives, do it, and drive on. When measuring the cost of a duplicate/parallel software system vs. that of ransomware (sometimes it *can’t* be repaired/unlocked), which is more cost prohibitive?
P.S. From Wired — what’s more profitable than ransomware?
.
https://www.wired.com/story/business-email-compromise-bec-ransomware-scams/
“Fake Windows Updates Trick Users Into Installing Ransomware” 6/8/2022
.
https://www.itprotoday.com/vulnerabilities-and-threats/fake-windows-updates-trick-users-installing-ransomware
“It Doesn’t Pay to Pay: Study Finds Eighty Percent of Ransomware Victims Attacked Again”
.
https://www.securityweek.com/it-doesnt-pay-pay-study-finds-eighty-percent-ransomware-victims-attacked-again