Ask security experts what to do when hit with ransomware -- the sophisticated malware that infects a device or network, uses military-grade encryption to restrict access, and demands payment for the decryption key -- and you'll typically get the same answer: "never pay the ransom." But for many, that's simply not an option.
For example, last November an employee in the Sheriff's Department in Dickinson County, Tenn., accidentally clicked on a malicious ad and exposed the office network to the infamous CryptoWall ransomware.
Detective Jeff McCliss told local News Channel 5 that CryptoWall had encrypted "every sort of document you could develop in an investigation," such as witness statements and evidence photos. Even after consulting with the FBI and U.S. military, McCliss told the news station that the only solution was to pay the $500 to the cybercriminals to get their files back.
I was interviewed by Network World about the pros and cons of paying crypto-ransom. Read more or leave a comment at Network World: http://www.networkworld.com/article/2896761/security0/ransomware-pay-it-or-fight-it.html?
After you read the article you will agree that stepping end-users through effective security awareness training and send them frequent simulated phishing attacks is a must these days. Find out how affordable this is for your organization today.
