Ransomware: Re-Evaluating Our DefensesCarbon Black's Johnson on Technical, Cultural Challenges to Improving Security
There are two elements of a ransomware attack - the infection and then the action that takes place on infected devices. And both elements are evolving, says Ben Johnson of Carbon Black. He shares insight on how to improve ransomware defenses.
Infections are on the rise - the daily headlines are testament to that, says Johnson, co-founder and Chief Security Strategist at Carbon Black. But what many security leaders don't see behind the scenes is how attackers are launching attacks that try to circumvent human defenses.
Social engineering is still effective, Johnson says, but taking the human out of the equation leads to even greater infection rates.
"If you can target a server or a remote desktop - someplace where there is no human - your chances as an attacker go up," Johnson says. "So, we're starting to see more targeting of servers and desktops through brute-forcing of credentials, or finding vulnerabilities in websites and then just automatically trying to encrypt their system."
When it comes to defending against these evolve attacks, organizations have two options: They can harden their systems to prevent infection, or - failing that - they can work to close open doors after they've been infected.
In an interview about defending against ransomware, Johnson discusses:
- How ransomware and its targets have evolved;
- What to do to prevent infection, and how to respond when ransomware takes root;
- The surprising cultural challenges one often faces when fighting ransomware.
Johnson is co-founder and chief security strategist for Carbon Black. In that role, he uses his experience as a cofounder and chief technology officer for Carbon Black, which merged with Bit9 in February 2014, to drive the company's message to customers, partners, the news media and industry analysts.
Johnson, who was directly responsible for the powerful functionality of the Carbon Black endpoint threat detection and response (ETDR) solution, has extensive experience building complex systems for environments where speed and reliability are paramount.