Blog

It’s a Bird…it’s a Plane…it’s a Cost-Benefit Analysis?

It’s the equivalent of a superhero telling distraught citizens that they just need to “suck it up” and tolerate some relatively minor crimes, since going after the bad guys is a lot tougher — and more costly — than it looks.

Or, in a less dramatic context, it’s like a lawyer advising her client that they’re better of paying a fine or settling a lawsuit, instead of fighting for their principles in court. Yes, they may win the moral battle. But at several hundred dollars an hour in legal fees (plus disbursements!), they’re going to lose the financial war.

FBI Raises the White Flag on Ransomware

What we’re referring to here is franks admission by the FBI at the Cyber Security Summit 2015 in Boston that its cybersecurity experts cannot decipher the encryption used by ransomware such as Cryptowall and Cryptolocker. And as a result, it’s advising victims to pull out their credit card rather than call the cyber cops.

“The ransomware is that good,” commented the Joseph Bonavolonta, the Assistant Special Agent in Charge of the FBI’s CYBER and Counterintelligence Program.  “To be honest, we often advise people just to pay the ransom”.

Ransomware Victims Being Re-Victimized?

And while it’s not much consolation for ransomware victims, SecurityLedger.com reports that the FBI still wants to hear about infections, so that it can “keep abreast of how the scams are evolving”.

If that’s indeed the case, then the FBI is probably aware that one of the ways the “scams are evolving” is, ironically, that they aren’t necessary evolving at all – they’re just repeating. Indeed, a city in New York State was hit twice by ransomware in a short span of time, and decided to pay up in each case. The damage? A payout of $800 in total. But multiply that by millions of potential victims, and it’s easy to see why between April 2014 and June 2015 CryptoWall was used to extort $18 million from staggered individuals and organizations.

As BUFFERZONE’s CEO Israel Levy wrote this past summer in an article published on ITBusinessNet.com:

Businesses that have thus far avoided extortion by ransomware shouldn’t assume that the bad guys are turning their attention to other pursuits, or that law enforcement agencies have shut them down — because ransomware isn’t just getting more rampant; it’s getting more potent and devious, too…Ransomware attacks aren’t going to diminish; on the contrary, they are going to get more prevalent and dangerous, as bad actors seek huge paydays.

The advice that Israel offered in the summer is even more imperative now, as businesses brace for an onslaught of ransomware attacks that, for the time being at least, the FBI has acknowledged it cannot thwart: deploy containment security solutions.

Containment Security Solutions: Where Ransomware Gets Wiped 

Containment security solutions isolate web browsers, email attachments and removable media in an invisible virtual container on the endpoint. When ransomware attempts to access a user’s files, it is copied into the container – thus leaving the original files safe and untouched.

IT staff simply empty the container (this can be done remotely) to wipe the ransomware, and keep it from infecting both the endpoint and the overall network. No credit card or phone call to the cyber cops is required, and the bad guys move on to their next target.

VIDEO: BUFFERZONE’s Virtual Container Technology

The video below illustrates how BUFFERZONE’s virtual container technology captures and traps ransomware and other exploits – thus preventing them from accessing files, and keeping them from infecting other users in the organization:

BUFFERZONE Blocks Ransomware Demo