Ransomware: It’s About Much More Than Money

According to Smithsonian.com, America’s first known ransom kidnapping notes were sent in 1874 to dry-goods merchant Christian Ross in Philadephia, Pennsylvania.

Two of Ross’s sons—Charles Brewster, age 4, and Walter, age 5—were snatched from their family’s front yard in northwest Philadelphia. Walter was released that day, but Charles never returned home. The search lasted five months, during which time the kidnappers wrote 23 letters. On advice from the police, the ransom of $20,000 (more than $400,000 in today’s money) was not paid. Here’s an excerpt from one of the notes:

“Mr Ros, be not uneasy, you son charley bruster be all writ we is got him and no powers on earth can deliver out of our hand. You wil have two pay us before you git him from us, and pay us a big cent to.’’  

The Real Cost of Modern Cyber Attacks 

As you’ll read in the white paper What to Do BEFORE All Hell Breaks Loose: Cybersecurity for Today’s Extreme Threats—malware today—even ransomware—is about so much more than making money. 

In fact, while WannaCry was far less successful at raking in the money (it was at about US$135,000 as of June 28, 2017), it was a huge success in terms of how widespread it was: within a day it had infected more than 230,000 computers in more than 150 countries. 

And the cost to organizations goes well beyond the ransom payouts that in no way brought them to their knees. There is no guarantee paying the ransom will work and recover lost data. And regardless, the real damages extend to downtime, damaged data, lost productivity and post-attack disruption to the normal course of business, forensic investigation, and restoration of data and systems—not to mention he huge hit your business’s reputation would take with your customers, partners, and the supply chain, or the possibility of fines if you’re found to be lax with compliance.

What Powers on Earth Can Help Deliver You? 

As discussed in the white paper, the Top 5 Center for Internet Security (CIS) Critical Security Controls establish a solid foundation for radically improving an organization’s security posture:    

1. Inventory of Authorized and Unauthorized Devices 

As per the CIS itself: “Actively manage (inventory, track, and correct) all hardware devices on the network so that only authorized devices are given access, and unauthorized and unmanaged devices are found and prevented from gaining access.” 

2. Inventory of Authorized and Unauthorized Software 

As above, but for software: “Actively manage (inventory, track, and correct) all software on the network so that only authorized software is installed and can execute, and that unauthorized and unmanaged software is found and prevented from installation or execution.” 

3. Secure Configuration for Hardware and Software 

“Establish, implement, and actively manage (track, report on, correct) the security configuration of laptops, servers, and workstations using a rigorous configuration management and change control process in order to prevent attackers from exploiting vulnerable services and settings. (As delivered by manufacturers and resellers, the default configurations for operating systems and applications are normally geared to ease-of-deployment and ease-of-use—not security.)” 

4. Continuous Vulnerability Assessment and Remediation 

“Continuously acquire, assess, and take action on new information in order to identify vulnerabilities, remediate, and minimize the window of opportunity for attackers.” 

5. Controlled Use of Administrative Privileges 

“The misuse of administrative privileges is a primary method for attackers to spread inside a target enterprise.” Provide processes and tools “to track/control/prevent/correct the use, assignment, and configuration of administrative privileges on computers, networks, and applications.” 

Ivanti Can Help You Implement Cybersecurity Best Practices  

Download the white paper to learn why companies aren’t implementing the above controls properly, and what you can do to get yourself to a far greater level of security in rapid order. In addition, please join Ivanti, The Chertoff Group, and our partners in Seattle, Washington, on Wednesday, November 8, for our Security Summit where we’ll tackle “Cybersecurity for Today’s Threats.” Register today.