{"id":313,"date":"2017-07-14T16:36:28","date_gmt":"2017-07-14T16:36:28","guid":{"rendered":"http:\/\/securitycurve.com\/?p=313"},"modified":"2017-07-14T16:36:28","modified_gmt":"2017-07-14T16:36:28","slug":"ransomware-useful-in-more-ways-than-one","status":"publish","type":"post","link":"https:\/\/securitycurve.com\/?p=313","title":{"rendered":"Ransomware: useful in more ways than one"},"content":{"rendered":"<p><img decoding=\"async\" class=\"alignright align=right size-medium lazyload\" data-src=\"https:\/\/upload.wikimedia.org\/wikipedia\/commons\/thumb\/1\/12\/Ransomware-pic.jpg\/1280px-Ransomware-pic.jpg\" width=\"70%\" height=\"70%\" src=\"data:image\/svg+xml;base64,PHN2ZyB3aWR0aD0iMSIgaGVpZ2h0PSIxIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjwvc3ZnPg==\" \/>There&#8217;s an interesting article over at Silicon Republic saying that <a href=\"https:\/\/www.siliconrepublic.com\/enterprise\/tarah-wheeler-infosec-ransomware-inspirefest\">Ransomware is the best problem that the security industry has had in decades<\/a>. \u00a0There are a few things I don&#8217;t exactly love about this article &#8212; but there was enough of a seed there that I thought was useful to devote some time responding to it.<\/p>\n<p>First of all, what I don&#8217;t like. \u00a0First, the article is a bit on the fluffy side. \u00a0No offense to them intended by that &#8212; it&#8217;s clear it&#8217;s not intended for a practitioner audience, so the level of detail is probably appropriate. \u00a0Second, the basic gist of it seems to be that 1) ransomware is good for infosec by virtue of the FUD it generates and 2) it&#8217;s so blatant that people can&#8217;t deny that there&#8217;s a problem.\u00a0Yeah, both of those things are true. \u00a0It absolutely generates massive FUD, which does tend to get people (in the short term anyway) to take actions about stuff. \u00a0Maybe that&#8217;s not the best thing ever. \u00a0No reputable vendor or security practitioner will cultivate FUD to make a sale or to promote their own agenda, right? \u00a0But if that FUD comes from somewhere else? \u00a0 And a practitioner can harness it to useful effect? \u00a0Well, I don&#8217;t love it but it&#8217;s probably the truth.<\/p>\n<p>What I did absolutely respond to about this is that ransomware, at least in aggregate, is beneficial to the security industry beyond what was explicitly discussed in this article. \u00a0It&#8217;s true in at least one discrete, self-serving kind of way. \u00a0It&#8217;s also probably true in a broader, more altruistic-focused kind of way.<\/p>\n<p>First, it&#8217;s of benefit in self-serving way because it helps to sell products. \u00a0The same way that the FUD helps get the interest level up for the profession as a whole, it also drives product sales. \u00a0Therefore, it brings in money to the professional space. \u00a0Is that a good thing? \u00a0Probably not. \u00a0But it&#8217;s the truth.<\/p>\n<p>The more &#8220;altruistic&#8221; goal it serves is that it exposes issues that were there anyway and could have potentially been employed to some more subtle purpose somewhere else. \u00a0For example, the EternalBlue issue has been around for years &#8211; the US government had it and so did the Russians. \u00a0Yes, there are still some systems out there that are vulnerable to the issue, but I guarantee that there are a lot less of them now then there were before Petya and WannaCry.<\/p>\n<p>So is it ultimately a good thing? \u00a0Maybe in some ways&#8230; \u00a0still stinks to go through it though.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>There&#8217;s an interesting article over at Silicon Republic saying that Ransomware is the best problem that the security industry has had in decades. \u00a0There are a few things I don&#8217;t exactly love about this article &#8212; but there was enough of a seed there that I thought was useful to devote some time responding to [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","footnotes":""},"categories":[4],"tags":[96],"class_list":["post-313","post","type-post","status-publish","format-standard","hentry","category-security","tag-ransomware"],"_links":{"self":[{"href":"https:\/\/securitycurve.com\/index.php?rest_route=\/wp\/v2\/posts\/313","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/securitycurve.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/securitycurve.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/securitycurve.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/securitycurve.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=313"}],"version-history":[{"count":0,"href":"https:\/\/securitycurve.com\/index.php?rest_route=\/wp\/v2\/posts\/313\/revisions"}],"wp:attachment":[{"href":"https:\/\/securitycurve.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=313"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/securitycurve.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=313"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/securitycurve.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=313"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}