Ransomware with Craig MacAlpine and Joel Witts

School districts, health care organizations, cities, and towns have all been victims of ransomware. Families have lost access to photo albums of 20 years of memories and personal finances. It can be a very devastating experience. It is very scary to not be able to do your job or access your data. Now attackers are not only threatening to delete your data, but they are also threatening to leak the data. This can cause lawsuits, legal ramifications, and a huge headache for businesses large and small.

What is ransomware? Ransomware is a type of malware that gets installed on your machine and it locks all of your files so you can't access them. It spreads very quickly through your computer and you may be unable to access crucial programs and files. Often you get a message from the attackers requesting money or your data will be leaked or deleted. Craig and Joel share their expert insights on how to prevent these attacks.

Craig MacAlpine is the founder and CEO of Expert Insights and a passionate security innovator with over 20 years of experience in information security and product management previously founding e-mail security company EPA Cloud.

Joel Witts is a Senior Content Editor at Expert Insights covering a multitude of areas including cybersecurity.

We talk about ransomware and best practices for protecting you, your family and your business. We specifically discuss ways ransomware can get in, how you can be affected, and ways to protect against it. We talk about secure gateway products, post-delivery protection, and isolation. This episode will help you figure out what solution can offer the best protection to your family and business.

Show Notes:

• [01:38] - Ransomware is a type of malware that gets installed on your machine and it locks all of your files so you can't access them. It spreads very quickly through your computer and may be unable to access crucial programs and files. Often you get a message from the attackers requesting money or your data will be leaked or deleted.
• [03:14] - With a lot of scams there is a level of emotion and urgency in the ransom component.
• [04:50] - Travelex was hit on New Year's Eve this past year and it closed their operations down for a week while they had to go to a manual basis and had a 32 million dollar hit.
• [06:08] - Ransomware is something that affects all the way up from small to large businesses. The most common targets are healthcare, education, towns, and cities.
• [07:19] - The average ransom sum is increasing to over $40,000.
• [09:01] - There is conflicting advice on whether the company should pay the ransom or not. There is no guarantee that you will get your data back.
• [09:59] - Ransomware has become more of a well-known issue. Businesses are putting more measures in place to try and mitigate the risks from these threats.
• [11:10] - A common way for ransomware to start in an organization is through phishing attacks which are difficult to stop. Phishing is a type of email that tries to trick a user into performing an action.
• [13:31] - If you have got a savvy phisher whose updating that content it is really hard for the gateway systems to pick that up.
• [14:14] - The email may be the start of the phish, but not the method that the malware is downloaded that is just where they start the conversation.
• [17:03] - Secure gateway products usually do a good job stopping spam and phishing emails. Typically 98-99% of these threats will get stopped with those products.
• [19:03] - Someone can get remote access to your email account and forward the emails. The user isn't even aware of what is going on in their email account.
• [20:04] - Post-delivery protection looks for compromised accounts and phishing emails coming from a genuine internal account emailing someone else within your business.
• [22:10] - If you are an IT manager or IT professional you're asking for trouble not installing two-factor or multifactor identification.
• [24:17] - E-mail is your gateway to connect with someone, but the malware usually comes through the web like a download.
• [26:34] - Isolation could be the solution, but it will be a while before this option comes to consumers. It is a process that takes a while to get to the home-use level.
• [27:55] - With isolation videos or documents would be rendered for your viewing, but not actually be downloaded to your machine.
• [29:43] - If someone does become a victim of ransomware what are their options?
• [31:59] - Realistically if back-ups are not automated they are not going to happen.
• [34:06] - The IT manager is often a jack of all trades trying to oversee the phone systems, PC updates, and more. Back-ups are not prioritized, because if something isn't broken then we don't have time to fix it today.
• [36:13] - Over time there will be more advanced and automated systems that will block the vast majority of ransomware, but there will still be some carefully crafted scams that will be hard to catch. It will probably become less frequent, but never entirely go away.
• [37:07] - The scammers only have to get it right once, but the people that are protecting against it have to get it right 100% of the time. There will always be an element of human mistake because of emotions and fear.
• [39:46] - The attacks can be very effective because of fear and time sensitivity even if technologically we are able to stop them.
• [40:28] - Great advice is to not panic if you get hit by ransomware.

Thanks for joining us on Easy Prey. Be sure to subscribe to our podcast on iTunes and leave a nice review.

Links and Resources:

• Podcast Web Page
• Facebook Page
• whatismyipaddress.com
• Easy Prey on Instagram
• Easy Prey on Twitter
• Easy Prey on LinkedIn
• Easy Prey on YouTube
• Easy Prey on Pinterest
• Expert Insights
• Expert Insights on LinkedIn
• Expert Insights on Facebook
• Expert Insights on Twitter
• Best Email Security Solutions
• What Is Ransomware-as-a-Service and How Can You Protect Your Organization Against It?
• Best Endpoint Protection
• Using Slack in Your Business