Rob Cheng talked with Liz Callaway last week, discussing a variety of cybersecurity topics. However, as expected, ransomware was a hot topic, as well as the largest ransom demand in the world being issued just days ago.
Renner of Brazil Targeted with Ransomware
A handful of attacks had happened since the last time Cheng and Callaway sat down for their TechTalk segment. This included a few hospitals in Georgia, a couple water treatment facilities in Maine, and the largest retailer in Brazil, Renner. Unlike the others, the Renner ransomware attack also received a second title. The largest ransom demand in the world. The amount, we will get to in a minute.
First, take a walk down memory lane with me. In 1989 when ransomware was first introduced as a cyber threat, the ransom demand was less than $100, and the money collected was to be donated to an AIDs foundation. Fast forward a couple decades and the ransom demands were still hitting home users, with a price tag of a few hundred bucks. In early 2017, I wrote about the Hollywood Presbyterian Medical Center being hit with ransomware, and being appalled that they paid a $17,000 ransom demand. As we know, just this year those demands have spiked to the millions after JBS paid $11 million after being hit with ransomware. But it gets worse. Renner’s ransom demand is equivalent to $1 billion USD. That is insane.
I take that back. The amount is massive. The reaction to these attacks is insane. The definition of insanity is doing the same thing over and over with the expectation of a different result. That is what organizations are doing to “prevent” ransomware attacks. They keep the same technologies they’ve always had, use the same best practices or lack thereof, and expect not to fall victim.
Beyond Payouts
In addition to discussing the growth in ransom demands, Cheng and Callaway discussed prevention. The reactive approach to cybersecurity is not working, and many “prevention tips” are actually reactive. It is imperative that organizations of all shapes and sizes, including the basic home-user, deploy application whitelisting. By using a whitelist approach, only tested and proven safe programs can run. This effectively eliminates the risk of ransomware from running within the network.
You may listen to the full TechTalk segment below.