It was nice of Cisco to come forward and bravely state the bloody* obvious.
* If you'll pardon the British-ism.
Organizations are unprepared for future strains of more sophisticated ransomware, a report by Cisco warns. The networking giant's 2016 Midyear Cybersecurity Report concludes that the next wave of ransomware is expected to be more pervasive and resilient. While current strains typically infect a single computer, future …
Cisco IOS and NX-OS?
I'm a little confused: from the article headline and the mentioning of Cisco, I thought the article was going to be about a new development in network-based ransomware, namely ransomware that attacks network appliances and imposes its own rules on the appliance. I.e. Ransomware Defined Networking.
Cisco enabled... They haven't had a very good security track record. The latest fixes are mostly a testament to how much they've been resting on their laurels and seem to be a way of pointing fingers elsewhere to try gaining back some cachet of responsibility and forward planning.
Hopefully this will add to the general feeling of: "Hey, we're not fucking Google, let's get back to making routers that do not suck, or are easily hacked."
Core competency. Get to know it, Cisco. No more of those Flippy Cameras and other non-routing gear. EVERY SINGLE PRODUCT BETTER HAVE A ROUTER IN IT!!1! THIS is the way back to the top, guy. Also, that router should be a Linksys WRT54G. AmIright, folks?! ;) HAHA! Seriously, no cameras though.
This is where the kidnapping analogy falls down.
The main aim in a real kidnapping is the security of the kidnapped who is in danger. But the kidnapped person is a danger to the kidnappers as they have to maintain the welfare of the kidnappee and remain out of sight.
Ransomware doesn't work by hiding the data with the kidnappers and the kidnappers have no need to keep the data "alive" to get the reward. Hunting the kidnappers to force them to give up the keys probably isn't an option.
It is in the kidnappers' interest to give access back, otherwise no-one will pay. I've no direct experience, but rumour has it, you do generally get your data back if you pay the right people.
The other thing is that I doubt the paying/ransomware growth correlation is a thing. Real kidnapping is a huge risk with every person taken, whereas ransomware is pretty much the result of a mass attack which has already been successful.
'tis but a lazy PR exercise.
- Malware can spread.
- Flash is full of vulnerabilities.
- Older products facing the internet are more likely to be exploitable.
So
- Network Access control your user LAN
- Get rid of Flash (and all Adobe crap) everywhere
- Patch your software as part of a regular SDLC