An Open Letter To Ransomware Authors

An Open Letter To Ransomware Authors

Dear ransomware authors,

Thank you! No joking, no saltiness, no BS. You may think this is in jest, but I whole-heartedly want to say ‘thank you.’ I’ve been around security long enough to see *many* turn the corner from “we’ll get to security when we get to it” to genuinely being interested in improving. I cannot begin to describe how disheartening it is to do back-to-back yearly security assessments for a bank [or countless other businesses] and have the same findings from one year to the next. The sickness in the pit of your stomach is real when you realize there were reports you could have incremented the year by one and handed it back to the customer. More recently though, information security has moved from a fringe IT problem to a real item of discussion on CNN, Bloomberg, and more importantly, among board members. Maybe compliance has helped to some degree, but my unpopular opinion is that I should thank you instead.

Why? Well, the best example is that many years ago it was ridiculously hard to get people to do backups. Sure, they realized they could lose everything. Still, it was a relatively small chance resulting from bad luck, aka a failing hard drive. Even then, IT professionals did their best to recover data even when a drive failed and we were successful more often than not. If we weren’t successful, then we could send it off to a data recovery center and they could magically recover finances, important documents, pictures of little Billy’s birth, etc. Long story short is if someone *really* wanted the data back, they could pay for their lack of preparedness and get it back.

With ransomware, the loss of data went from bad luck to a real possibility. Everyone knows someone who was hit with ransomware. I would argue it has become an ever-present part of life if you use technology. And there is a *really* good chance lost data isn’t coming back thanks to strong encryption. Yes, some ransomware authors can code and successfully retrieve the files when a victim pays the ransom. Unfortunately for you though, there are enough stories floating around of victims who paid the ransom and still can’t access their files. So how does this help exactly? Well, it’s not without heartache for sure. However, people are increasingly less willing to pay the ransom and are instead looking at how they can prevent or remedy this. The end result is everyone is a bit more careful with backing up their data and individuals/companies are spending more time, effort, and money on security… proactively.

So in all seriousness, thank you from the bottom of my heart for all that you have done. We could have been beating the security drum loudly for the next 20 years and I don’t think we would have been as successful as you in have been in such a short time. Security professionals now have the ear of people in control of the purse strings and as important, the ear of people who have the ability to drive real, long-lasting change.

Sincerely,
Dallas Haselhorst & Infosec Professionals Everywhere

P.S. I’m certain it is amazingly powerful for a young child to see the anguish on their parents’ faces when those parents have just lost their digital world. To this end, you have likely sparked the interests and curiosity of many children who will one day join the legions of security professionals encompassing the globe. Please excuse my brevity for I must go now… The game is afoot.

Ransomware - improving security everywhere since 2012

Dallas Haselhorst has worked as an IT and information security consultant for over 20 years. During that time, he has owned his own businesses and worked with companies in numerous industries. Dallas holds several industry certifications and when not working or tinkering in tech, he may be found attempting to mold his daughters into card carrying nerds and organizing BSidesKC.

One thought on “An Open Letter To Ransomware Authors

Leave a Reply

Your email address will not be published.