March 11, 2021
Podcast Pick: “All About Ransomware” from a16z
Sometimes it’s helpful to step outside of your circle and see what other people are saying about your sector. When the renowned venture capital firm Andreesen Horowitz released a new episode of their a16z Podcast about ransomware, we pressed “play.”
In “All About Ransomware,” a16z’s Das Rush hosts an explainer episode that goes beyond the topic’s technical details. She explores ransomware’s sinister global ecosystem with a16z Security Operating Partner Joel de la Garza, and Flashpoint Intel SVP of Intelligence Tom Hofmann.
The 35-minute episode covers the worldwide network that enables ransomware’s criminal organizations, and the growing cybersecurity challenges they present. If you have the time, it's well worth a listen. Below you’ll find some key points from de la Garza for discussing ransomware with clients and prospects:
Why should you care about ransomware: “All businesses are essentially tech, data, computer businesses. And so when you start to be able to take those kinds of information assets hostage, it gives you the leverage to demand money from them in order to release them.”
What a ransomware attack targets: “There’s definitely been an evolution in the way that ransomware has taken things hostage...Two years ago, it would focus on taking hostage hardware assets...As it’s evolved...they actually started going after data.”
Ransomware attackers are surprisingly well organized: “There are a lot of opportunities for individuals who want to get involved in this type of activity...If you’re running your own ransomware scheme, you can rent out the ransomware service. You can rent out the infrastructure. You can rent out negotiating services. You can rent out all pieces of that, and you get to keep 80% of your illicit proceeds. And then you give 20% back to the larger collective....”
Some nation-states play a part in letting it happen: “With adversarial countries...you’re just basically creating these incubators where you have these really innovative, dynamic organizations at the cutting edge of committing crimes.”
Cyber insurance: “The criminal actors...have built a very sophisticated business as a way to extract these payments from these insurance companies.”
The impact of OFAC (Office of Foreign Asset Control): “The U.S. Treasury Department issued advice that paying some of these ransoms to people that were on the OFAC list could get you into some serious trouble.”
Attack prevention: “These guys are using low-effort, low technical sophistication operations at scale.”
Responding to the attack: “If you don’t have good backups...the chances of recovery are pretty slim.”
Negotiating with attackers: “We tell victims all the time: You’re dealing with criminal actors. There’s a risk, and we’ve seen it, even recently, where you make a payment and the actors, they say, ‘Nope. Now the ransom is double. Pay me more.’”
What’s next with ransomware: “I think it’s going to be using that information to identify individuals...what can they do to the individual, and the customers, and the employees to really extend this criminal enterprise to your home and your family?”
It’s an informative update on ransomware’s big picture. To drill deeper, be sure to read our Global State of the Channel Ransomware report.