Why does ransomware seem like a losing battle?

2.8k views · 2 Upvotes · 4 Comments

CISO in Software, 51 - 200 employees
I'm on the warpath to stop all this stuff but it does seem like a losing battle. Every time a new vertical gets hit, then all of a sudden, "Hey, we've got to figure out how to fix this." I was working with a government contracting company who manufactured a certain piece of equipment and they got hit. When they called us we realized that it was a small manufacturing facility but they had one class B subnet—not only for the office workers but for the manufacturing facility as well because it was in the same building.

When we went in there we asked, "Where's your MFA? How does everybody log in?" It was old school, not quite Windows NT but pretty bad, just local username and password login. So we fixed them to stop it from spreading but also we helped them deploy better security practices as well. I thought government contractors were checked out really well before they could sign anything with the government but apparently not.
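The flat class B network described in the comment above is something an incident responder can spot from an asset inventory before an infection does it for them. The following is an added example, not code from the commenter or from any project on this page: it takes a constructed host inventory (hostnames, addresses and IT/OT roles are all made up), reports which networks mix office and manufacturing equipment at a given prefix length, and finds the smallest prefix split at which the two roles no longer share a segment. The inventory source and the role labels are assumptions; a real run would pull them from an asset database or DHCP leases.

```python
"""Audit a host inventory for IT and OT systems sharing one network segment.

Added example, not part of the original discussion. The inventory below is
constructed sample data; the 'office' / 'ot' role labels are an assumption.
"""
from collections import defaultdict
from ipaddress import ip_network

# Constructed sample inventory: (hostname, ip, role). Every value is made up.
SAMPLE_INVENTORY = [
    ("fin-laptop-01", "10.20.3.15", "office"),
    ("hr-desktop-02", "10.20.7.40", "office"),
    ("plc-line-a", "10.20.200.5", "ot"),
    ("hmi-line-a", "10.20.200.6", "ot"),
    ("cnc-press-1", "10.20.201.9", "ot"),
]


def assign_networks(inventory, prefixlen):
    """Group hosts by the network they fall into when the site is carved into
    /prefixlen blocks. prefixlen=16 models the single class B from the story;
    larger prefixes model what a segmentation plan would produce."""
    groups = defaultdict(list)
    for host, ip, role in inventory:
        net = ip_network(f"{ip}/{prefixlen}", strict=False)
        groups[net].append((host, role))
    return groups


def mixed_role_networks(inventory, prefixlen=16):
    """Return {network: sorted roles} for every segment holding more than one
    role, i.e. where a compromised office host has direct reach to OT gear."""
    findings = {}
    for net, members in assign_networks(inventory, prefixlen).items():
        roles = {role for _, role in members}
        if len(roles) > 1:
            findings[str(net)] = sorted(roles)
    return findings


def smallest_separating_prefix(inventory, start=16, stop=30):
    """Smallest prefix length in [start, stop] at which no segment mixes
    roles, or None if even /stop still mixes them (addresses interleaved)."""
    for prefixlen in range(start, stop + 1):
        if not mixed_role_networks(inventory, prefixlen):
            return prefixlen
    return None


if __name__ == "__main__":
    print("Mixed segments at /16:", mixed_role_networks(SAMPLE_INVENTORY, 16))
    print("Mixed segments at /24:", mixed_role_networks(SAMPLE_INVENTORY, 24))
    print("Smallest clean split:", smallest_separating_prefix(SAMPLE_INVENTORY))
```

The prefix search is only a planning aid: it tells you whether existing addressing already clusters by role (so VLANs and firewall rules can follow the address plan) or whether OT hosts are interleaved with office hosts and must be re-addressed as part of the segmentation work.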
CISO in Software, 201 - 500 employees
It is a losing battle because just like any crime, bad actors can dedicate themselves to hitting their target 24 hours a day, seven days a week with no competing priorities. It's like somebody launching a thousand nukes at you: Only one of them has to get through and you only have resources to stop 10 of them. The best analogy is the budget that NASA's given to search the skies for asteroids that will strike the earth. It's like 1%. Cyber security is given 1% to defend against a swarm of asteroids in a really big sky.

It's ironic to see how the industry has actually downgraded and gone low tech. And their most successful things aren't hitting the technology; it's hitting people using psychological aspects. You can send the CEO an email saying, "How would you like a free terabyte of cloud storage for a year? Click on this link to sign up." And it could look totally legit.
Director in Manufacturing, 1,001 - 5,000 employees
Because ransomware only needs one open door/window and IT needs to secure millions of potential doors/windows.
Director of IT in Software, 201 - 500 employees
As long as the cybersecurity insurance pays the ransom and companies are ok with that, it is very lucrative for the cybercriminals to increase their attacks. For some companies it's worth more not to invest in security and just pay the ransom. I am not saying this is ok or should be something to even consider, but I am seeing more and more organizations that, when they hear how much they need to invest in security, opt to take their chances and have their insurance pay for the breach.
