On the 18th of November, Hardsecure organized and held the first virtual Round Table. In a relaxed and informal conversation, we gathered decision-makers and technicians at the table to talk about Ransomware. For 45 minutes, we heard different points of view and interactions during the debate.
The conversation, moderated by David Oliveira, was attended by Lennig Pedron, Trust Valley Executive Director at EPFL Innovation Park, Victor Gamra, CEO at FortifyData, Jochen Link, cybersecurity consultant at Sonarlock, and Pedro Lobo, Incident Response & Forensic Analyst at Hardsecure.
The topics covered were: To the question “How does a ransomware attack occur?”, Pedro Lobo from Hardsecure explained that a Ransomware attack occurs through file encryption. The public key can encrypt the files, but only the private key can decrypt them.
Victor Gamra alerted us to the importance of identifying potential security gaps and flaws through tools such as those provided by FortifyData. By identifying the weaknesses, which a hacker could exploit, you will be taking preventive measures for your organization’s security.
According to Lennig Pedron, the bad guys (criminal hackers) are very organized and share information. The good guys (ethical hackers) don’t do that. To combat the criminals, we need to share our knowledge and experience.
Jochen Link mentioned that it is very important to define procedures, where we start by defining how we can protect our data and then we create an emergency plan, which includes the risks and measures that may reduce the impact of the attack on the organization.
Faced with the question "Should you pay the Ransomware or not?" all guests defend that we should not do it, because by paying the ransom we are supporting the criminal practice. To combat this practice, it is illegal to pay for ransomware in some countries, such as the USA and Germany. Furthermore, by saying they are putting themselves on the “client list” of criminal hackers because they are showing that they pay. When they pay the ransom, they may be attacked again in the next 6 months or 1 year, which has a financial impact on the organization and wears down the technical teams.
During the Round Table, some questions were asked to the public, such as "Which is the most common ransomware attack vector?" with most of the public responding to Email Phishing (84.62%). Faced with the question “What do you think is the most effective control to prevent ransomware attacks?” the audience was divided between “Critical data backups” (30.77%), “Continuous Risk Assessments” (30.77%), and “Privileged access management” (23.08%). At the end of the session when asking the audience “Should you pay for Ransomware?” 61.54% defends “in some cases” and 38.46% defends “No always”.
In short, the most important thing is to prevent and be proactive in monitoring your organization's cybersecurity. Investing in cybersecurity through services such as Incident Response and Pentest services will always be more affordable compared to paying for Ransomware and the impact that its consequences could have on your organization.
With a panel of international speakers, the event had participants from approximately 15 countries, whose profiles belong in the technology and cybersecurity areas, occupying leading positions.
The next Round Table will take place in January 2022 and will be about “Artificial Intelligence in Cybersecurity”.
View the "Round Table: Should you pay the Ransomware or not?" recording here: