Intelligent CIO North America Issue 02 | Page 19

LATEST INTELLIGENCE

UNDERSTANDING RANSOMWARE IN THE ENTERPRISE BY SENTINELONE

Introduction
PRESENTED BY
Ransomware is a form of malicious software that , when deployed on a device , encrypts a user ’ s sensitive data . In order to secure a decryption key or initiate a decryption process ,
Download whitepaper the victim is required to pay a ransom to the attacker , usually in the form of cryptocurrency such as Bitcoin .

hereiThe amount demanded by attackers can vary ,

with ransoms typically in the range of $ 200 to over $ 10,000 per endpoint , depending on the size of the enterprise and the value of the data held for ransom . Ransomware , in concept , can be traced back to the late 1990s and early 2000s with the rise in popularity of “ FakeAV ” or fake system utilities which “ find ” false infections or nonexistent system issues , then demand ( aka extort ) fees in order to enable “ removal ” of these fake artifacts . Eventually , these morphed into threats like PGPCoder and similar .
These threats have much in common with modern ransomware , but there was still a weakness in the chain in the form of payment collection , processing , and management . When attackers had to rely on more tangible means of payment through legitimate conduits like Western Union , Perfect Money , and wire transfers , there was far more risk involved .
These payment systems were easily traceable and prone to various points of failure . • www . intelligentcio . com INTELLIGENTCIO
19