Comtrade again took part in HEK.SI 2018, the ethical hacking conference. Tadej Vodopivec, Senior Information Security Manager at Comtrade, led and moderated the English presentation track. On the first day he also took part in the panel discussion “What type of legislation does Slovenia need to protect against hackers?” On the second day, Tadej joined forces with Borut Likar to moderate an open debate entitled “Blackmail by black-hat hackers – to pay or not to pay?”
First up was the discussion of traditional ransomware, which encrypts the victim's files and demands payment for the decryption key. Speakers agreed that a conventional backup is good enough to protect against this type of attack, with one condition: the backup must be kept offline, or otherwise unreachable from the infected systems, so that the malware that encrypted the live data cannot also encrypt or simply delete the backup copy.
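As an added illustration of the point about offline backups (example code written for this page, not something presented at the conference or belonging to Comtrade), the Python script below builds a SHA-256 manifest of a backup set and later uses it to check a copy for the damage ransomware leaves behind: overwritten, deleted and renamed files. The sample files and the `simulate_ransomware` routine are constructed stand-ins; the names `build_manifest` and `verify_backup` are this example's own.

```python
import hashlib
import os
import tempfile
from pathlib import Path

# Constructed sample backup set (not real data): relative path -> content.
SAMPLE_FILES = {
    "invoices/2018-01.csv": b"id,amount\n1,100\n2,250\n",
    "contracts/acme.txt": b"Master services agreement, signed.\n",
    "readme.txt": b"Quarterly export of the finance share.\n",
}


def write_files(root, files):
    """Populate root with the given {relative_path: bytes}."""
    for rel, data in files.items():
        target = Path(root) / rel
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_bytes(data)


def build_manifest(root):
    """SHA-256 of every regular file under root, keyed by POSIX relative path.

    In practice the manifest is produced at backup time and stored with the
    offline copy (or on write-once media), so malware on the live system
    cannot rewrite it to match the data it has tampered with.
    """
    root = Path(root)
    manifest = {}
    for path in sorted(root.rglob("*")):
        if path.is_file():
            rel = path.relative_to(root).as_posix()
            manifest[rel] = hashlib.sha256(path.read_bytes()).hexdigest()
    return manifest


def verify_backup(reference, current):
    """Diff a trusted manifest against a fresh scan of a backup copy.

    Returns the files that vanished, changed content, or newly appeared.
    Any non-empty list means the copy can no longer be trusted for restore.
    """
    missing = sorted(set(reference) - set(current))
    added = sorted(set(current) - set(reference))
    modified = sorted(p for p in reference
                      if p in current and reference[p] != current[p])
    return {"missing": missing, "modified": modified, "added": added}


def simulate_ransomware(root):
    """Constructed stand-in for a crypto-ransomware run: overwrite one file
    with random bytes, delete one, and rename a third to a .locked copy."""
    root = Path(root)
    (root / "invoices/2018-01.csv").write_bytes(os.urandom(64))
    (root / "readme.txt").unlink()
    src = root / "contracts/acme.txt"
    src.rename(src.parent / (src.name + ".locked"))


def demo():
    """End-to-end run with two copies of the same backup, only one of which
    is reachable by the 'malware'. Returns the verification result for each."""
    with tempfile.TemporaryDirectory() as online, \
            tempfile.TemporaryDirectory() as offline:
        write_files(online, SAMPLE_FILES)
        write_files(offline, SAMPLE_FILES)
        # Manifest is taken before the incident and kept with the offline copy.
        manifest = build_manifest(offline)
        # The online copy sits on the same network as the infected host.
        simulate_ransomware(online)
        return {
            "online": verify_backup(manifest, build_manifest(online)),
            "offline": verify_backup(manifest, build_manifest(offline)),
        }


if __name__ == "__main__":
    for name, result in demo().items():
        status = "OK" if not any(result.values()) else "TAMPERED"
        print(f"{name:8s} {status}: {result}")
```

The check is only as trustworthy as the manifest: if it is stored next to the online copy, the malware can delete or regenerate it along with the data, which is exactly why the speakers insist on the copy being offline. Run the verification before every restore, not only after an incident has been noticed.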
Personal information confidentiality
In addition to availability and integrity, IT security is also about confidentiality. A backup provides no protection against other types of blackmail, such as the threat to publish private or personal data that was stolen, or that the user was tricked by the attacker into disclosing. The only defence here is to prevent unauthorized access in the first place: once the data has leaked, it is too late, and paying the ransom is no guarantee that the victim will not be blackmailed again with the same data.
Blackmail also takes other forms: DDoS attacks (a large volume of malicious requests that renders a web service inaccessible to legitimate users), and database breaches, where the attacker demands payment either to return the data or to refrain from distributing it, depending on whether availability or confidentiality of that data matters more to the victim.
Some of the most important components of a comprehensive approach to security are: a proper assessment of what data the organization holds and how sensitive it is, managed access to confidential data, offline backups in several locations, regular security updates, layered protection against malware, incident response preparedness and regular vulnerability testing of the IT system.