In the interview, Mazzanti discussed the nature and persistence of the ransomware threat. How infections occur and methods to prevent them, including education and IT security tools, were explained in response to questions asked by program host, Bruce Hurwitz. Anyone interested in the topic can listen to the recorded program online.
“Ransomware is the #1 growing IT security threat because people are making money,” stated Mazzanti. “It’s a business run by criminals who hold data hostage for money. They are smart enough to get some percentage of people to open a ransomware trigger.”
“People call eMazzanti after getting get hit. Then they’re hit again a month or two later,” related Mazzanti. “In the instances when the ransom is paid and the files are decrypted, that computer can turn into a dissemination point to other networks. Then the firm that last paid the ransomware is often hit again.”
Mazzanti explained how ‘sandboxing’ is a way to determine which files are triggers. For example, WatchGuard Technology’s Advanced Persistent Threat data security tool uploads and executes files in question and blocks or lets them pass through.
Responding to a question from host, Bruce Hurwitz, Mazzanti explained that everything connected to a network is a potential point of access for a ransomware threat. A common way is through USB keys, often left on the sidewalk.
Pedestrians pick up the USB key and seem compelled to plug it into their computer to investigate. One company did a similar thing as a training exercise to show employees how they just compromised the system.
People handing out music CDs or DVDs are a simple ransomware dissemination point.* “You’ll see it with Times Square musicians who say, ‘Take my CD,’” Mazzanti related. “Most people will take it. It’s just a matter of time before they put it in their computer.”
The program concluded with a warning that if an organization is hit by ransomware, there is a high probability that it will happen again. As long as there is a way that criminals can profit, they are a target.
*NOTE: see the Show “Mr. Robot” about how he does this same exact technigue to attack a machine: https://en.wikipedia.org/wiki/Social_engineering_(security)
Cyber threats never take a day off, never clock out and go home at the…
Building, deploying, and managing applications via Microsoft's global network of data centers is easier with…
Microsoft Copilot is a tool, powered by AI, that aims to boost your productivity within…
Making things happen is the art and science of project management. The process involves managing…
In today's fast digital life, website performance is important, as it holds visitors and ensures…
The FBI reported that cyber attacks against government facilities saw an increase of almost 36…