The Weakest Link

Murat Yildirim December 2, 2020

 


“Friday. 16:43…

You have already mentally left work after an excruciatingly long week. You have been dreaming about the couch, a cold drink, and a warm meal at home. Just then, an e-mail pops up in your work inbox. For a second, you fantasize about not checking it till Monday morning. It’s from your CFO. You reluctantly click the e-mail. It is not one of those generic e-mails about upcoming changes to payroll or long-distance calls made on work phones. It addresses you directly. The CFO wants you to check the numbers in the attached Excel file that you shared with him earlier this week. It is a little weird, because everything goes through your supervisor before it reaches him. Also, the e-mail is badly worded and has some grammatical errors. He was probably in a hurry. You check the time again. Blood rushes to your face, your ears start burning…

What issue did he run into? Which one of your calculations ended up in front of him? It must have been the presentation slide you shared with your supervisor last week. But why now? Why does he e-mail you directly? It had been double, triple checked. Your mouth goes dry and you start clicking.

Download the file? Click. Warning. You don’t have the time. Click. Open the document? Click. Another warning? No time. Click. Enable macros? Of course! Click.

Huh?! The Excel file is totally empty. You check all the tabs. All of them are empty. You must have made a mistake when you were downloading or opening the file. You rinse and repeat. Same empty Excel file.

Is it you, or is your computer slowing down? You hear the familiar chattering of the hard disk when it is busy. You start thinking you are the target of a phishing e-mail. You remember last year’s cyber security training. This could be bad, very bad. Your heart beats faster, as if that were possible. You decide to call your IT help desk. Your computer beats you to it. It starts flashing and announcing that you have been hacked and your files are encrypted. If you do not pay the ransom, your files are gone!

You just sit down. You do not remember standing up. If this gets into the network of the hospital you work in, the damage could run into millions of dollars and lives could be endangered. You manage to call your IT department at last. But all circuits are busy.”

You might think the scene above is an exaggeration or pure fiction. Unfortunately, it is not. Lately, hackers have decided to target public services like hospitals, schools and research labs, where the data is vital. Data encryption stops everything: research, education and medical services cannot continue. One person even died as a result of a ransomware attack on the Duesseldorf University Hospital (1). In such settings, not just days but hours are critical.

When the ransomware starts to encrypt your data, you do not have a lot of options, especially when your backups are not up to date. You might try to decrypt the compromised data and hope that the encryption is not strong enough or that the hackers use the same encryption key all the time. However, that is quite unlikely. Even if you pay the ransom, there is no guarantee that the hackers will give you the key once they have their money, or that they will not share your data with the rest of the world. Is there honor among thieves? Maybe…

Let’s take a step back. What is ransomware? How did it become the most popular hacker attack?

I will continue with these topics in the next blog post. For now, I would like to thank CyberNow Labs for giving me this opportunity to share my thoughts on the ever-changing field of cyber security, and Adilya Altynbaeva and Turkan Aksoylu for their assistance with editing.

Till next time, stay safe…


 

1. https://www.theverge.com/2020/9/17/21443851/death-ransomware-attack-hospital-germany-cybersecurity