Beating ransomware: a comprehensive guide to tackling the cyber extortion threat

Ransomware has come to dominate the current security discourse, appearing ever more frequently in security news reports. And those are only the cases we hear about. Businesses of all sizes and kinds are being held ransom in the modern “double extortion” variant of this insidious crime. The purpose of this report is to provide technical guidance to CISOs and security managers concerned with the threat of cyber extortion. However, it is essential to note that cyber extortion is not actually a “technology” problem, and therefore technical controls alone will ultimately not fully resolve it.

Cyber extortion is a crime like any other, and a crime first and foremost. As such, it emerges from a specific political, economic and cultural context. Its growth is fueled primarily by social and cultural drivers, and its particular shape is the convergence of technology and economics. It should be clear that our response to this scourge needs to be as layered and multi-faceted as the diverse factors that converged to create it in the first place.

However, cyber extortion persists because we have built and continue building a technology landscape that can’t be realistically protected in the face of such overwhelming systemic forces. Addressing the challenges in the technology landscape under your control is therefore the focus of this report. The report focuses on five steps and includes checklists for each stage:

  • Anticipate the latest cyber threats and prevent digital risk
  • Identify your critical assets, data and vulnerabilities to prepare your security strategy
  • Protect your organization with the right technology and skills
  • Detect cyber attacks through analysis of alerts and behaviors
  • Respond to cyber attacks with proper containment and remediation plan