Adam Janofsky

Why the security industry can't fix the ransomware problem

Ransomware is one of the most pressing cybersecurity problems, but there's no high-tech fix.

Ransomware is "the scourge of the Internet," said Christopher Krebs, pictured here at the U.S. Conference of Mayors 88th Winter Meeting in January.

Photo: Tom Williams/CQ-Roll Call, Inc via Getty Images

Schools shutting down. Hospitals turning patients away. City governments paralyzed. Businesses racking up nine-figure losses.

Ransomware has grown into one of the biggest cybersecurity threats facing organizations, but the security industry might only be able to do so much to help. At the RSA security conference in San Francisco this week, the Department of Homeland Security's top cybersecurity official, Christopher Krebs, called it "the scourge of the Internet," and CrowdStrike co-founder Dmitri Alperovitch dubbed 2019 "the year of ransomware."

But people who came hoping to learn about some high-tech fix for one of cybersecurity's fastest-growing problems are going to be disappointed. Almost none of the conference's hundreds of panels focuses on ransomware, which locks up data and devices until victims pay a demand, typically in bitcoin. Firms that claimed to have sophisticated technology to counter the problem have been exposed for simply paying the ransom demand.

That's because one of the biggest cybersecurity threats pummeling organizations happens to have a pretty boring solution.

Brett Arsenault, Microsoft's chief information security officer, said that it's not a mystery how to protect an organization from ransomware. The first step is not letting it in, which can be accomplished through basic measures such as regularly patching your systems and teaching employees not to fall for phishing emails, he said. The second step is to have backups in place to restore your systems in case they are infected.

"People still underestimate and undervalue the pedestrian part of this job," he said. "Hygiene is still key. I see people spending all this money on widgets that are akin to having a massively awesome alarm system on the front of your house, but it means nothing if you leave your back door open all the time."

Out of more than 500 panels being held throughout the week at the RSA security conference in San Francisco, only one on the agenda was explicitly focused on ransomware (a second, about the city of Atlanta's ransomware recovery efforts, was canceled). The panel, sponsored by network security firm SonicWall, was in a packed 70-seat makeshift briefing room on the expo floor, with dozens of people sitting on the ground. SonicWall Senior Product Marketing Manager Brook Chelmo spent the 30-minute talk sharing insights from his conversations with two ransomware attackers. Their advice to companies trying to protect themselves: Use proper passwords, enable multifactor authentication, hire good cybersecurity employees, and watch out for misconfigured firewalls.

In other words, to protect yourself from one of the most dangerous threats, you have to cover the basics.

That explains why so many ransomware victims have been municipal governments, school districts and hospitals, said Ryan Lasalle, North America lead at Accenture Security. These organizations often lack the budget and personnel to keep computer networks up-to-date and protected. In many cases, these organizations don't have a trained employee dedicated to cybersecurity.

That's not to say that large, savvy organizations don't need to think about ransomware. The threat is particularly serious because of the massive damage it can cause, both in terms of financial losses and safety risks, Lasalle said. One manufacturer that Accenture works with has determined that a ransomware attack would cost them $1 million an hour in lost revenue, he said. "Even if you're a Fortune 500 company, you don't want to be losing $25 million a day," he said.

But for organizations that have the basics covered, there's little else they can do besides plan for the worst-case scenario. The questions then become things like: Do you pay the demand or ignore it? Do you buy cyber insurance to help cover the costs?

Arsenault said his team at Microsoft went so far as to consider if they should stockpile bitcoin, the preferred ransom currency of attackers. "A thought was should we buy a bunch of bitcoin now, because if we had to pay a ransom in the future, the price of bitcoin is going up. We thought about it and talked to our CFO, and she was like … 'No. You should make sure we have a process and know how to do it and invoke it at the time, but we're not going to hedge,'" he said.
