Virtualization Technology News and Information
Article
RSS
VMblog Expert Interview: Theon Technology Talks Data Protection, Ransomware Attacks, Encryption and More

interview-theon-bledsoe 

It’s no secret that criminal international actors are constantly looking for ways to access and take precious data from organizations in the US.  When it comes to banks and financial institutions, cyberattacks are a big concern.  And it stems from failure to protect, control, and secure data properly.
 
To learn more about encryption, protecting data, and ransomware attacks, VMblog reached out to industry expert, Scott Bledsoe, CEO of Theon Technology, who educates about international threats, the rise in cyberattacks and how to best mitigate those risks.

VMblog:  What is the most common mistake organizations make when going about encryption?

Scott Bledsoe:  The most common mistake organizations make is utilizing a single key that encrypts an entire organization's data, and storing it in an unsafe environment. This leaves the key vulnerable, and easily accessible to bad actors. Once the vulnerable key is obtained it grants access to all precious data and can have serious implications for individuals and businesses.

VMblog:  What proactive steps can organizations implement to securely protect their data?  What needs to be done first?

Bledsoe:  One solution is OTP (one-time pad), as it is necessary to keep classified data safe and can be easily adopted. A big perk for OTPs is that not only are they extremely secure, they are incredibly easy for organizations to integrate into their wider authentication strategies. It's vital for organizations to review current encryption policies and technologies deployed, as well to ensure there are no open vulnerabilities to be exploited. In addition, the application of newer quantum-resistant approaches will mitigate potential short and long-term harm. The time is now to take these proactive steps. Quantum computers can decipher cryptographic keys and create threats, much like attackers are known for.

VMblog:  Why is it so easy for attackers to decrypt data?

Bledsoe:  The answer to this is plain and simple. It stems from the use of a single key to encrypt all records and store the key in an unprotected environment. All it takes for an attacker is to find the key and they will have access to all an organization's precious data. The use of a single key to encrypt all records and store them in an unprotected environment, plus the use of older technologies, creates the ideal situation for cybercriminals at home and abroad to crack the code.

VMblog:  Who should be most concerned about a ransomware attack? Is it primarily businesses or even private individuals?

Bledsoe:  ALL business and individuals need to be equally concerned about ransomware attacks because many of these attacks are initially not targeted. Rather, bots scan the Internet for specific types of vulnerabilities and then decide who they want to target for full-on ransomware attacks.

The good news is that potential damage from ransomware attacks can be minimized with two relatively easy fixes. First, set up a regularly-scheduled data backup solution that - critically - is NOT connected full time to your other IT systems. Second, effective cybersecurity awareness training for all employees of organizations can prevent most ransomware attacks under currently used attack vectors.

VMblog:  What is considered to be the "most valuable data" to bad actors?

Bledsoe:  From what we've seen so far, no industry is an exception to an attacker's motives. However, unsurprisingly, common targets are banks and financial institutions. In the near future, with the rapid advances in quantum computing, bad actors have the potential to gain access to weapon designs, undercover programs, access  pharmaceutical and chemical intellectual property, financial data and material science research.

VMblog:  If an organization has a ransomware attack occur, should they pay the ransom? If not, which other options should they consider?

Bledsoe:  It's difficult to give a definitive answer, as each incident should be taken on a case-by-case basis. However, it is advised not to pay the ransom, although that is often not the case as there is so much at stake here.

VMblog:  What should an organization do first if an attacker gains access to their data?

Bledsoe:  Most importantly, protecting against an attack after the fact is far too late. Organizations must be proactive in protecting their data, including with strong encryption, ideally as protective as One-Time-Pad based encryption and a detailed, exercised plan for how the organization will respond once an attack occurs;

Once an organization knows an attacker has gained access to their data, they should (1) do no harm - meaning immediately engaging breach response experts (ideally arranged for ahead of time and ready to go). This should happen before the IT staff or others take measures hoping to stop the bleeding as making a mistake at this point could make the breach catastrophically worse; (2) put the response process under expert, outside legal counsel so that, if there is future litigation, the other side will not be able to access confidential information about the response; and (3) carefully coordinate any statements about the breach to customers, business partners, or to the public with legal counsel and appropriate corporate leaders (planned out in advance) as breach disclosure obligations are in effect in most legal jurisdictions but these are complex and conflicting.

VMblog:  Are there any recent trends Theon has been seeing that organizations need to be aware of when it comes to encryption, decryption and data vulnerability?

Bledsoe:  Even though the advantages new quantum computing approaches provide are still a decade away from completely overturning current traditional methods, we are seeing an increase of data being harvested so that it can be decrypted once quantum computers of sufficient power are available. Organizations need to get ahead of cybercriminals by integrating an extra layer of protection by applying quantum-resistant approaches to their security environments, to avoid a potential breach today or in the future. Quantum computers can decipher cryptographic keys at impressive speeds and create threats that organizations will not be prepared for.

##

Published Thursday, August 11, 2022 7:31 AM by David Marshall
Filed under: ,
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
Calendar
<August 2022>
SuMoTuWeThFrSa
31123456
78910111213
14151617181920
21222324252627
28293031123
45678910