Icon (Close Menu)


Ransomware, and a Particular Set of Skills (Aaron Gamewell Expert Advice)

4 min read


We'd also like to hear yours.
Leave a comment below, tweet to us @ArkBusiness or email us

In the movie “Taken,” Liam Neeson’s character gets a frantic call from his daughter as she is being hunted by kidnappers. When they capture her, one of the bad guys takes her cellphone and holds it up to his ear. The kidnapper is breathing heavily but says nothing.

Neeson’s character says, “I don’t know who you are. I don’t know what you want. If you are looking for ransom, I can tell you I don’t have money. But what I do have is a very particular set of skills. Skills that I have acquired over a very long career. Skills that make me a nightmare for people like you. If you let my daughter go now, that’ll be the end of it. I will not look for you; I will not pursue you. But if you don’t, I will look for you, I will find you and I will kill you.”

Silence falls over the phone until the kidnapper says “good luck” and ends the call. If you don’t know the rest of the story, Neeson’s character goes through some high action fight scenes, tracks down and kills a bunch of bad guys and finally saves his daughter.

Ransomware is equivalent to a gang of bad guys kidnapping your loved one and demanding money. Even if you had a “very particular set of skills,” bad guys who use ransomware are nearly impossible to find because of the ability to hide behind a labyrinth of IP addresses and never-ending cyber networks.

Ransomware is a trending type of malicious software — malware — that encrypts files and data on your computer and requires a ransom for the encryption key. The ransom is usually paid by bitcoin, an untraceable form of currency.

Just like most cyber-attacks, a ransomware attack normally starts with social engineering tactics such as “spear phishing.” The attacker will engage the recipient by sending an email with an enticing link, pop-up or attachment. Once the user clicks or opens an attachment, the attacker takes control of the user’s computer and looks to infiltrate the network further.

Ultimately, the attacker is looking to lock down and encrypt all of your data — everything from customer information to bank records and confidential documents. All the files that you need to continue operating as a business are now inaccessible.

The next message you see on your computer screen or in the documents file folder is a ransom demand. If you want access to your data, pay the ransom or else. In some cases, the hackers will try to embarrass you by putting lewd or pornographic photos on your screen.

Do you pay the ransom? How can you trust that the attacker will actually release the information? There have been instances where the ransom was paid and the hackers did not or could not return the data or restore the systems.

What if you don’t pay the ransom? How long can you go without vital operational records? The Canadian Broadcasting Corp. reported on Feb. 26 that a California hospital paid $17,000 for a decryption key when it was locked out of its systems by hackers. The hospital was without vital operational records and devices for two weeks.

Experts agree that you should not pay the ransom. Instead, protect yourself and your organization by having proper security protocols, firewalls and daily backups. Controls such as firewalls can help prevent intrusion, and backups ensure that data can be restored quickly and efficiently. Invest in penetration testing and vulnerability assessments from a trusted cyber security firm to validate your safeguards’ effectiveness.

In “Taken,” Neeson’s character was a highly trained professional who protected people for a living. However, because Neeson could not control the decisions that his daughter was making that put her in a bad situation, he could not stop the kidnapping. This is much like the employees of your organization. You can have all the bells and whistles for IT security, but if employees make it easy for bad guys, they bypass all the expense and security controls.

It is highly recommended that organizations heavily invest in security awareness education and testing for their employees. These education programs should include a repeatable testing process to verify that the training is effective.

A ransomware attack does not have to have the drama and excitement of an action movie if you make a commitment to invest in good security risk management practices and protect your business.

Aaron Gamewell of Little Rock is president and chief operating officer of Secure Banking Solutions, with headquarters in Little Rock and Madison, South Dakota. Call him at (605) 270-3865 or email Aaron.Gamewell@ProtectMyBank.com.
Send this to a friend