Ransomware attacks have been growing over the past three years and in just the past 2 weeks have shown how public these attacks have become. The first attack on Washington DC (Metropolitan) Police resulted in a massive leak of internal information because they did not meet the blackmail demands1. The second major attack was on the Colonial Pipeline, which shut down the pipeline, resulting in fuel shortages up and down the East Coast. The Colonial Pipeline operators decided to pay the ransom of 75 Bitcoin or nearly $5 million USD2. Government organizations can’t pay ransom per longstanding practices, but commercial groups decide to pay or not based almost purely on cost and impact to their bottom line. The latter could encourage more ransomware attacks since they are so lucrative, but there is very little to guarantee that systems or data are completely “released” once ransom payments are made. We need a better way.
Ransomware can infiltrate an organization through hacking or in the ways that a computer virus might spread. Once executed, the ransomware essentially holds your data and systems hostage. It’s rather effective because rather than attempting to steal all your data, it typically will encrypt all your data and make your systems unusable and unreadable until a ransom is paid for the decryption key.
Ransomware with the release of the Executive Order on Improving the Nation’s Cybersecurity has become a top priority of the White House. Previous attacks against police departments have resulted in cases being dropped due to the offices being locked out of their computers3. Police departments need to protect sensitive data such as background check files by keeping them separate and ensuring that they can recover the data if they are locked out.
It’s impossible to prevent all forms of hacking. Therefore, one must also develop a strategy to mitigate the effects of an attack. As referenced in the recent Executive Order, Zero Trust is a framework that assumes you and your organization has or will be compromised is a tremendous step forward in changing how computing systems are built and how truly resilient they can be. This involves the same strategies one would implement for a disaster recovery plan, which includes taking regular backups of all the data and rebuilding the infrastructure supporting that data in a short amount of time. Isolated Secure Enclaves, provided by Grey Market Labs, are one possible solution to the problem that police departments face when trying to keep information protected, allowing sensitive forensics (e.g., exploitation reviews) to take place on modern technology and providing increased access for officers while increasing the security of all their digital work.
___________________________________________________________________________________
Grey Market Labs is a Public Benefit Corporation founded with the social mission to protect life online. We build revolutionary software and hardware products, and partner with like-minded industry leaders, to create a future with “privacy-as-a-service”.
Simply: we prevent data from being compromised and protect our customers work, online.
Contact us to see how we can work together.
