Should a company pay ransom to hackers?
| Austin, Texas
While the brightest minds of Silicon Valley are churning out digital security tools, the bad guys have kept pace.
A network breach can lead immediately to the deployment of a piece of software that encrypts your organization’s data until you pay a ransom to unlock it. And recognizing malicious code is no longer a simple matter of checking against known code snippets. These days, malware can shape-shift, sometimes as quickly as every few milliseconds. Not to mention there is just a lot more malware being hurled against the digital shields: Somewhere on the order of a quarter million new pieces of malware are detected every day.
Enterprises should take a holistic, layered approach to security in the face of this growing criminal sophistication, said David Konetski, a Dell Fellow who spoke this week at the South by Southwest Interactive conference in Austin, Texas (watch the video here or below). That means employing systems that together work to predict, prevent, detect, and remediate attacks.
This comprehensive framework can frustrate business executives who wonder why one solution alone isn’t good enough.
Mr. Konetski said he sometimes gets asked, “'Why do I need something that’s going to protect 99 percent of all malware coming into my machine if I’ve got the world’s best detection system?' If you pay a monitoring service, that’s great, but if you have an incident and they have to come in, put feet on the street and clean that up, it’s going to be very expensive.”
Such a strategy might also wind up costing a ransom payment. If a business relies solely on detecting odd behaviors on the network, it may not move fast enough. A ransomware attack that deploys even one millisecond faster than the detection system will result in your machine getting locked, encrypted, and ransomed.
What’s the best advice for businesses who find themselves in this situation?
“I’ve consulted some of the foremost experts in the world on this topic, everybody from CERT [Computer Emergency Readiness Team] to our internal folks at SecureWorks, and you know the recommendation is to pay the ransom,” said Konetski. “This is a business. There hasn’t been any rampant fraud in that industry…. You get your data back.”
These talks were part of a series of discussions hosted at Passcode's booth at SXSW. See all that Passcode, Dell, Mozilla, and the Center for Democracy and Technology were up to at SXSW and watch the other talks.
