Close
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    RSA Conference Panelists Split on Question of Paying Data Ransoms

    By
    Rob Lemos
    -
    February 13, 2017
    Share
    Facebook
    Twitter
    Linkedin
      ransomware

      SAN FRANCISCO—Ransomware will continue to cause pain for companies in 2017, but there continues to be no single successful strategy to prevent or reduce the damage caused by this disruptive malware.

      For many companies, backups will provide a reliable fall-back measure if the company’s data is encrypted via ransomware. Yet, recovering data from backups is expensive and not always successful, according to a panel of security experts at the RSA Conference.

      There is no single measure to prevent a ransomware attack and no single product at the conference that will save a company from a ransomware infection, Gal Shpantzer, CEO of Security Outliers, told attendees.

      “Everybody is all about ransomware all of the sudden in 2017,” he said. “They have the ransomware silver bullet and they are going to sell it to you this week at the conference—and we all know that is not going to happen.”

      As ransomware continues to be the great bogeyman in 2017, companies will have to develop a strong security strategy to protect their businesses against disruption. If they don’t, they may find themselves relying on the good will of cyber-criminals holding critical data for ransom from half a world away.

      The panel of three experts essentially split on the question of whether even to pay the ransom.

      Cyber-criminals who have built up the illicit business of ransomware have an incentive to reliably deliver data back to the victims who pay, Michael Duff, CISO of Stanford University, told attendees.

      “This is a business, and the adversaries are incented to give you the key if you pay the money,” he said. “We also might not want to blame the adversaries, because—yes, it is an illegal activity—but what has really happened is that they have exposed a weakness in your security.”

      Yet, other panelists pointed out that relying on cyber-criminals to be trustworthy and competent is not a recipe for success.

      “Paying a ransom is not a guarantee that you are going to get back access to the system,” said Neil Jenkins, director of the Enterprise Performance Management Office (EPMO) at the U.S. Department of Homeland Security. “And we highlight that paying a ransom is no guarantee that the criminals are not going to hack you again.”

      In addition, companies that pay also fuel the business model, Jenkins said.

      For companies worried about getting their business back up and running, the larger question of giving criminals long-term reasons to keep ransomware going is completely irrelevant, said Gal Shpantzer, CEO of Security Outliers.

      “Ask for time, negotiate the rates and ask for proof-of-life,” he said. “You want to know the QA on their software actually works, because encryption is actually really easy—decryption is hard.”

      Companies may also want to have someone who has some facility with bitcoin, because that is generally the method of payment for ransomware. When the clock is ticking down, trying to navigate the unfamiliar waters of the Bitcoin economy can slow down payment and potentially lead to data loss, Shpantzer said.

      Rob Lemos
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.

      MOST POPULAR ARTICLES

      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Applications

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      IT Management

      Intuit’s Nhung Ho on AI for the...

      James Maguire - May 13, 2022 0
      I spoke with Nhung Ho, Vice President of AI at Intuit, about adoption of AI in the small and medium-sized business market, and how...
      Read more
      Applications

      Kyndryl’s Nicolas Sekkaki on Handling AI and...

      James Maguire - November 9, 2022 0
      I spoke with Nicolas Sekkaki, Group Practice Leader for Applications, Data and AI at Kyndryl, about how companies can boost both their AI and...
      Read more
      Cloud

      IGEL CEO Jed Ayres on Edge and...

      James Maguire - June 14, 2022 0
      I spoke with Jed Ayres, CEO of IGEL, about the endpoint sector, and an open source OS for the cloud; we also spoke about...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×