Ransomware, the malicious code that holds data hostage, is now a more common threat to businesses than data breaches. It continues to be a thorn in the side of companies large and small, and has enriched many cybercriminals throughout the course of its history. Ransomware targets computers, mobile devices and even machines connected to the Internet of Things. The ransomware we know today is predominantly crypto-ransomware, which encryption technology to hold victims’ data hostage until a ransom is paid. Other types include locker ransomware, which prevents users from accessing their devices; ransomware…

Continue reading

The costs associated with a ransomware attack are often viewed from two dimensions: On one side, there is the ransom demand, and on the other, the cost to recover or recreate data. Neither of these is a complete view because they do not take into account all the ancillary costs. Here’s a quick look at several factors that also add to the cost of dealing with ransomware: Downtime Ransomware frequently results in at least some IT systems downtime, meaning that technology resources necessary for business operations are unavailable. The costs…

Continue reading

Some ransomware are strategically designed to cause as much damage as possible while producing large profits for cybercriminals. And the ransom demands for these Advanced Ransomware Threats (ARTs) far exceed those for a typical ransomware attack. ARTs hold your most valuable assets for ransom and ensure that copies of the data are not available for restoration. There are typically six phases of an ART attack, including: Reconnaissance This process begins with reconnaissance. The attacker reviews information on the company and may even make a list of employees mentioned on the company web…

Continue reading

Linux is an open-source operating system that is very versatile due to the large group of volunteers that maintain and update the popular open-source operating system. There is a broad range of Linux distributions aimed at different purposes and preferences. Some are built for specific tasks such as privacy protection or perimeter defense and a host of options are available for both desktop and server operating systems. Linux has been around for decades, yet it only claims 2.36% of the desktop operating system market share. Linux is much more popular on the…

Continue reading

Cybersecurity challenges companies, countries, and individuals to continually improve protections against an enemy that wants our secrets, money, and identify.  Over the last few decades, the industry has moved from an explorative infancy to an integral and vital corporate function. I had the opportunity earlier this month to discuss the evolution of cybersecurity with Dr. Alissa Johnson, CISO at Xerox.  Her perspective on this journey was interesting to me because Alissa Johnson, also known as “Dr. J”, has served in both the public and private sectors.  She has been involved in…

Continue reading

An acquaintance from a younger generation said to me one day, “Don’t you know that privacy is dead?” I was taken aback at his frank assessment, but I replied “Privacy is not dead, but it is under attack, much like many of our other values.  It is like virginity.  Once given away, it cannot be given back, and that is all the more reason to protect it.” Many give their privacy away for daily trifles.  Mail in rebates, product registrations, text coupons, credit requests, SMS updates, and store discount cards…

Continue reading

Most people will never have a fire in their home or office, but everyone can remember going through a fire drill at some point. The process of evacuating a building and meeting outside prepares us for the actual conditions we might face in a real fire. Many companies go to great lengths to prepare for disasters like fires and floods, but most remain woefully unprepared to deal with ransomware—despite the fact that ransomware attacks are far more likely. One way to improve your company’s ransomware incident response capability is to gather your employees…

Continue reading

The process of making sure your business is prepared to protect its data from ransomware and other disasters depends largely on the characteristics of your specific computing environment, such as the type of data you have and how it is stored. To begin the process of implementing or optimizing a data protection plan, you need to gain a full understanding of how data is used within your organization and what needs to be protected the most. Start by asking yourself these four questions: 1. What data do I have? The first thing…

Continue reading

Virtual reality has received a lot of attention lately, but there is much to be said for Augmented Reality (AR) and Mixed Reality (MR) technologies that enhance our capabilities in the real world or allow us to interact with technology more intuitively. Both technologies have clear applications for the enterprise and the future workplace. Examples from Vuzix and ODG could be seen at the recent CES 2017 and there is, of course, the much-discussed Microsoft Hololens. Augmented Reality Augmented Reality overlays virtual or synthetic elements onto the real world, whereas virtual reality is immersion in…

Continue reading

A new ransomware do-it-yourself kit called Karmen is making it easy for wannabe cybercriminals to launch ransomware attacks. Security researchers believe the recently discovered ransomware as a service (RaaS) offering was developed in part by a Russian-speaking ransomware author who goes by the alias DevBitox. For a price, Karmen can turn almost anyone into a cybercriminal in just a few clicks.   RaaS offerings like Karmen began popping up on the dark web in 2015 and ransomware developers have continued to make the kits more user-friendly over time. Karmen is…

Continue reading