What if your data is worth hundreds of thousands of dollars? Or your liability is in that neighborhood?
Then ransomware targets your data server and you pay $1000 to save a hundred thousand (or more) – assuming of course that you do not have a proper backup in place. Why are you having this problem? Because apparently your IT staff has little direction and is not getting the job done.
(Picture from our Cyberjoke v1.91)
If your data is really worth hundreds of thousands of dollars then it would be common sense to test your backups periodically, but I guess that is not a ‘sexy’ sell. So sometimes backups do not work as advertised and it is cheaper to pay off the ransomware thieves.
There are problems with “pay the ransomware people”, of course: it is possible the ransomware tech support (ha) can’t help you decrypt your data.
Even if you think your IT staff is competent – there are cases where there were problems, as Krebs on Security posts, and several businesses paid the ransom as it was cheaper.
The hackers are using sophisticated tactics which elude even good IT personnel.
So let’s say your IT department is sophisticated – and patches ~on time, does their backups, maybe they don’t test enough but everything is working so why break or do something new?
The hackers are getting better and using more sophisticated tools, like the free software on GitHub provided by professionals across the world:
Bypass-UAC – interesting program
It is self-contained and rewrites PowerShell’s PEB (Process Environment Block) to give it the appearance of “explorer.exe”. This provides the same effect because COM objects exclusively rely on Windows’s Process Status API (PSAPI), which reads the process PEB.
PowerShell is a program within Windows servers that allows a system administrator to perform specific tasks. And now PowerShell can run on Linux as well (as per MSDN – Microsoft Developer Network).
Do you understand what that means? The hackers can build attacking code with this nice building block and can hide it from the Anti-virus vendors, your IT people, and fancy firewalls.
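A defender can still spot this kind of masquerade, because the PEB lives in memory the process itself can rewrite while the kernel keeps its own record of the image a process was started from. The following check is an added example, not code from this post or from the Bypass-UAC project: it compares the PSAPI (PEB-derived) path with the kernel-recorded path for every process it can open. The helper name `ImagePathCheck` is made up for this illustration.

```powershell
# Added example (not from the Bypass-UAC project): flag processes whose
# PEB-derived image path (PSAPI) differs from the kernel-recorded path.
# ImagePathCheck is a hypothetical helper name used only in this example.
Add-Type -TypeDefinition @'
using System;
using System.Text;
using System.Runtime.InteropServices;

public static class ImagePathCheck {
    const uint PROCESS_QUERY_INFORMATION = 0x0400;
    const uint PROCESS_VM_READ = 0x0010;

    [DllImport("kernel32.dll", SetLastError = true)]
    static extern IntPtr OpenProcess(uint access, bool inherit, int pid);
    [DllImport("kernel32.dll")]
    static extern bool CloseHandle(IntPtr handle);
    [DllImport("kernel32.dll", CharSet = CharSet.Unicode, SetLastError = true)]
    static extern bool QueryFullProcessImageName(IntPtr h, uint flags, StringBuilder name, ref uint size);
    [DllImport("psapi.dll", CharSet = CharSet.Unicode, SetLastError = true)]
    static extern uint GetModuleFileNameEx(IntPtr h, IntPtr module, StringBuilder name, uint size);

    // Returns { kernelPath, pebPath }, or null if the process cannot be opened or read.
    public static string[] Paths(int pid) {
        IntPtr h = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, false, pid);
        if (h == IntPtr.Zero) return null;
        try {
            var kernel = new StringBuilder(1024);
            uint len = (uint)kernel.Capacity;
            var peb = new StringBuilder(1024);
            if (!QueryFullProcessImageName(h, 0, kernel, ref len)) return null;          // kernel record
            if (GetModuleFileNameEx(h, IntPtr.Zero, peb, (uint)peb.Capacity) == 0) return null; // PEB loader list
            return new[] { kernel.ToString(), peb.ToString() };
        } finally { CloseHandle(h); }
    }
}
'@

# -ne on strings is case-insensitive, so only real path differences are reported.
Get-Process | ForEach-Object {
    $paths = [ImagePathCheck]::Paths($_.Id)
    if ($paths -and ($paths[0] -ne $paths[1])) {
        [pscustomobject]@{
            ProcessId  = $_.Id
            Name       = $_.ProcessName
            KernelPath = $paths[0]
            PebPath    = $paths[1]
        }
    }
}
```

Run it elevated so other users' processes can be opened. Some system processes report their path in a different form and will need triage, but a PowerShell process whose PEB path claims to be explorer.exe is the mismatch to look for.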
Even the best IT teams have problems when the attackers are using good tools and programs written for one purpose – to make more money. What is your R&D budget in preventing new unforeseen attacks? The hackers are spending R&D $$.
I have written about this before:
The Criminals are always improving their lot and operate out of lawless places, which makes them extremely difficult to police.
There is a game afoot (whether you are aware or not)
The attackers are pushing and funding efforts to find their equivalent of “Gold Mines”. A high value server is worth thousands of dollars especially if Ransomware attacks the server.
The criminal hacker has made thousands and even hundreds of thousands of dollars… So guess what … they want to make more money every year like the rest of the world. How is it they do that? By spending time and resources on building new attacks.
So if the criminal hacker made 1 million dollars, a 10% R&D budget is $100,000. Are you spending $100k on defense?
In fact Business Insider has put together a set of data that comes up with $84k per month in revenues for hackers (which is just over a million dollars in a year).
This image from Trustwave assumes 10% exploit kit success and 20,000 users touching this particular site. So in 2015 these hackers potentially made a million dollars.
Just a review of the organization in a hacker/criminal group (made from Kaspersky Lab). And an older post explaining how Trustwave got to $90k in monthly income.
Survey on IT Defense Budget
I’m trying to find out what people spend on IT defense…
So my question “What is your Budget to prevent unforeseen attacks?” is apt – as I am sure the hackers are spending at least ‘10% or $100k per year’ on new attacks. The only way we can start to catch up to this IT defense nightmare is to spend a little bit of money on shoring up your defense. If you are an IT person reading this – please feel free to use some of my data research to convince management to spend “enough” money on defense.
Contact Us to discuss several defense strategies.