Kaitlyn Ross, Reporter for 11 Alive, caught up with Patrick Kelley, Chief Technology Officer of Critical Path Security, on Tuesday to discuss the most recent ransomware attack on the City of Atlanta.
"Just because a ransom wasn't paid, doesn't mean that the means of doing it has gone away. We will continue to see this evolution of attacks and then how to battle those attacks," Patrick Kelley, Chief Technology Officer with Critical Path Security said.
"Once ransomware lands on a machine, if you don't have the key to decrypt those files, they're effectively gone," Kelley said. "The math and the effort required computationally to break that crypto is just not available. So they would wipe those environments entirely and go from there."
Patrick Kelley expands on conversation above with the following statement.
The primary message is you have to respect the problem you are trying to solve. It isn't as trivial as it appears, even for fellow CISO's.
It's tough to clearly understand the challenges of securing these environments without having some 1st hand experience. This was potentially introduced by the rollout of a web application by a consultant without proper organizational resources to carry on the maintenance or Remote Desktop services used by internal or external IT support. Like healthcare, there are fewer amounts of resources in terms of pay, training, conferences, and associated options for recruiting. Fewer capable individuals are interested in these roles as they aren't as fruitful as other options. Partnered with the outsourcing of large swaths of roles, high amounts of turnover, lack of network visibility, such as a migration to the "cloud", the overall security posture can be lost.
Maintaining a clear understanding that a threat is not just the presence of events, but also the absence of events is an important concept to grasp. Sure, a piece of malware or other malicious action has to take place. However, a lack of proper technical and administrative controls will make those attacks more likely to occur.
Critical Path Security thanks Kaitlyn Ross and the staff of 11 Alive for the opportunity.