In recent weeks, I’ve been traveling the country speaking to audiences about the two leading enterprise threat vectors: web and email. During these presentations, we spend a significant amount of time discussing ransomware, where Bitcoin is the payment of choice. People want to know why it’s so prevalent, and how they can protect themselves.
A helpful analogy is that of the California gold rush. In January of 1848, James W. Marshall discovered gold at Sutter’s Mill in Coloma, California. This discovery set off a mass influx of more than 300 thousand people seeking their fortunes. Unfortunately, most of the miners failed to realize their dreams, and instead faced financial hardship and disease.
Although the miners’ hopes were largely shattered, one group succeeded beyond anyone’s wildest expectations: the merchants. The shop owners and manufacturers who supplied the requisite picks, shovels, pans, sluices, and clothing were the ones that ultimately struck it rich. Levi Strauss is one such example.
A similar phenomenon is taking place today with ransomware. Sophisticated criminal entities are setting up shop on the dark web, where they host user-friendly e-commerce sites that offer ransomware exploit kits to the masses. The malware is packaged and distributed in a manner that makes it relatively easy for an unsophisticated attacker to launch a widespread and costly ransomware attack. It has never been easier for criminals to get rich quick, and thus we are experiencing the Bitcoin rush, as is evident by the number of Bitcoin transactions more than doubling in the last two years.
There are similarities and differences between the two periods. Where in 1848 California’s merchants became wealthy selling picks and shovels, today’s cybercrime merchants are also becoming wealthy selling malware. But where the gold miners largely went broke, today’s 2-bit hacks are striking it rich.
Thankfully, today we have isolation technology to help eliminate the ransomware problem. Isolation inserts a secure, trusted execution environment, or isolation platform, between the user and potential sources of attacks. By executing sessions away from the endpoint and delivering only safe rendering information to devices, users are protected from malware and malicious activity. With isolation, we can now send ransomware attackers back to 1848 where, like the miners, they’ll go broke.
Learn more by visiting our Resources section.