Paul Ferrillo | June 8th, 2016
Just Say No to Ransomware

Aside from the presidential election, the other big piece of news this week (at least in the corporate environment) is the continuing Ransomware plague that continues to affect U.S. businesses by encrypting its files. Though clearly The Bern and The Donald swamped news cycles earlier in the month, some very alarming statistics came out this week that all businesses should pay attention to.
One report, by a noted cyber security research company called PhishMe, noted that 93% of all phishing email (the kind of email which tries to trick you to open its attachment or to click on the link) contains ransomware. A related article noted, “According to PhishMe, its analysis of phishing email campaigns from the first three months of 2016 has seen a 6.3 million increase in raw numbers, due primarily to a ransomware upsurge against the last quarter of 2015. That is a staggering 789% jump”, see Ransomware Sends Phishing Volumes up Almost 800%. Other reports noted this week that various Ransomware variants (apparently distributed by random cybercrime groups) have morphed over the past few weeks and have gotten even more dangerous. Some morph and change every 15 seconds to make internal modifications to the malware infections sought to be inflicted. Other variants actually make fun of cybersecurity researchers attempting to break the variant, saying in effect, “’you cannot hack me, I am very hard.’ See ‘Black Shades’ ransomware taunts researchers in its source code.â€Â When malware makes fun of you, you know things have gotten pretty bad.
Why is ransomware such an awful, painful problem? Simply put, it is spread by the mere link or attachment to a spear phishing email received by an employee or co-worker, which cries out to be opened or clicked. These types of phishing or spear phishing emails can be very convincing. Some allegedly come from your bank or a perhaps a big box retailer offering a discount or credit card application. Others say, “open me please†so you can “update your personal information.†Regardless of the sender and regardless of content, every one of these spear phishing emails contains an awful package which can encrypt all your files and everyone else™’s on the network. Some ransomware variants attempt to encrypt your back up files as well. Lastly, yet another variant tries to steal your password and personal information while it encrypts your files. Of course, you say, “Just don’t open the attachment,†or “Don’t click on the link!â€Â But most Americans unfortunately cannot help themselves. They want to open the attachment. They want a good credit deal. They want “riches and fortune†from the Sultan of Arabia. But unfortunately, they don’t get any of that when they click on the link. They and their company get a barrel of hurt.Â
How do we attempt to stop the ransomware plague? Here are some good tips (several of which were just published by FireEye, in a publication entitled, “Ransomware Response Strategiesâ€):Â
1.      Train your employees, C-Suite, and directors about the perils of clicking on attachments or links of unknown origin — no matter how normal the email looks, if it comes from an unknown address or person, it might contain ransomware. Employee training and awareness works. It just needs to be done at all levels.
2.      Back up your network – I know this sounds novice, but many small to medium size businesses do not have back up or business continuity plans, do not regularly back up their networks, or do not back up their networks to an off-site or off-the-grid to solution so that the backup media does not become encrypted. There are many easy solutions out there for back up protocols and media, including cloud based solutions that are pretty easy to use. Believe us, having a ready to go and tested backup solution is a necessity in any environment. In today™’s ransomware environment, it is a “must have.â€
3.      Finally, though it costs a bit more, consider installing on your network one of the various email filters that several of the top flight cyber consultants market in order to pre-screen and block potentially malicious your email before it ever gets to an employee™’s desktop computer. Given that not all training is effective, automated approaches to potentially malicious emails may be the best approach for many businesses.
Paul Ferrillo is counsel in Weil, Gotshal & Manges’ Litigation Department.
Paul Ferrillo | June 8th, 2016
Just Say No to Ransomware

Aside from the presidential election, the other big piece of news this week (at least in the corporate environment) is the continuing Ransomware plague that continues to affect U.S. businesses by encrypting its files. Though clearly The Bern and The Donald swamped news cycles earlier in the month, some very alarming statistics came out this week that all businesses should pay attention to.
One report, by a noted cyber security research company called PhishMe, noted that 93% of all phishing email (the kind of email which tries to trick you to open its attachment or to click on the link) contains ransomware. A related article noted, “According to PhishMe, its analysis of phishing email campaigns from the first three months of 2016 has seen a 6.3 million increase in raw numbers, due primarily to a ransomware upsurge against the last quarter of 2015. That is a staggering 789% jump”, see Ransomware Sends Phishing Volumes up Almost 800%. Other reports noted this week that various Ransomware variants (apparently distributed by random cybercrime groups) have morphed over the past few weeks and have gotten even more dangerous. Some morph and change every 15 seconds to make internal modifications to the malware infections sought to be inflicted. Other variants actually make fun of cybersecurity researchers attempting to break the variant, saying in effect, “’you cannot hack me, I am very hard.’ See ‘Black Shades’ ransomware taunts researchers in its source code.â€Â When malware makes fun of you, you know things have gotten pretty bad.
Why is ransomware such an awful, painful problem? Simply put, it is spread by the mere link or attachment to a spear phishing email received by an employee or co-worker, which cries out to be opened or clicked. These types of phishing or spear phishing emails can be very convincing. Some allegedly come from your bank or a perhaps a big box retailer offering a discount or credit card application. Others say, “open me please†so you can “update your personal information.†Regardless of the sender and regardless of content, every one of these spear phishing emails contains an awful package which can encrypt all your files and everyone else™’s on the network. Some ransomware variants attempt to encrypt your back up files as well. Lastly, yet another variant tries to steal your password and personal information while it encrypts your files. Of course, you say, “Just don’t open the attachment,†or “Don’t click on the link!â€Â But most Americans unfortunately cannot help themselves. They want to open the attachment. They want a good credit deal. They want “riches and fortune†from the Sultan of Arabia. But unfortunately, they don’t get any of that when they click on the link. They and their company get a barrel of hurt.Â
How do we attempt to stop the ransomware plague? Here are some good tips (several of which were just published by FireEye, in a publication entitled, “Ransomware Response Strategiesâ€):Â
1.      Train your employees, C-Suite, and directors about the perils of clicking on attachments or links of unknown origin — no matter how normal the email looks, if it comes from an unknown address or person, it might contain ransomware. Employee training and awareness works. It just needs to be done at all levels.
2.      Back up your network – I know this sounds novice, but many small to medium size businesses do not have back up or business continuity plans, do not regularly back up their networks, or do not back up their networks to an off-site or off-the-grid to solution so that the backup media does not become encrypted. There are many easy solutions out there for back up protocols and media, including cloud based solutions that are pretty easy to use. Believe us, having a ready to go and tested backup solution is a necessity in any environment. In today™’s ransomware environment, it is a “must have.â€
3.      Finally, though it costs a bit more, consider installing on your network one of the various email filters that several of the top flight cyber consultants market in order to pre-screen and block potentially malicious your email before it ever gets to an employee™’s desktop computer. Given that not all training is effective, automated approaches to potentially malicious emails may be the best approach for many businesses.
Paul Ferrillo is counsel in Weil, Gotshal & Manges’ Litigation Department.
- Brand
- The Fifth Estate: A Business Guide for Surviving “The Troubles”
- Here We Come
- Corporate Revolt Over Campaign Donations Shakes Political World
- What Happens Next?
- CSR & Sustainability
- Public Perception & the Biden Transition
- WATCH: Reputation Management with PRSA
- Over the River and Through The Woods
- Why Non-Profits are so Vulnerable to Crisis Risk
- The Threat to Free Markets
- What Happens When Nonprofits Get Caught In The Klieg Lights?
- You Took a PPP Loan. Now Get Ready to Talk About It.
- Communications
- The Fifth Estate: A Business Guide for Surviving “The Troubles”
- Here We Come
- The Ministry of Common Sense
- Why Should I Apologize? Lawyers vs. Communicators
- What Happens Next?
- CSR & Sustainability
- A Conversation with Abbe Lowell
- A New Year’s Resolution
- Public Perception & the Biden Transition
- WATCH: Reputation Management with PRSA
- Leveraging Legal Expertise in Communications
- Over the River and Through The Woods
- Company News
- Here We Come
- Recent Awards & Recognition
- Won’t You Be My Neighbor?
- What’s a Director to Do?
- LEVICK Announces Partnership with BCG
- A New Look
- Albert Krieger, 1923-2020
- LEVICK Announces Partnership with Jipyong
- Speaking to In-House Counsel
- Childhood Lessons
- LEVICK Announces New Webinar Series with Turbine Labs
- LEVICK Launches New Website
- Crisis
- The Fifth Estate: A Business Guide for Surviving “The Troubles”
- What to expect as the clock approaches midnight
- How to Stop the Madness
- Corporate Revolt Over Campaign Donations Shakes Political World
- A Remembrance of Tommy Raskin
- No ‘justice’ in rep’s vote
- A Call for Orderly & Peaceful Transition of Power
- Recovering from the Greatest Sacrifice
- The Cost of Government Regulation and the Threat to Free Enterprise
- What Happens Next?
- A Conversation with Abbe Lowell
- Covid-19: The Pandemic that Never Should Have Happened
- Finance
- Here We Come
- The Threat to Free Markets
- Advisory & Insurance Services
- WATCH: Revolutionizing Litigation Finance
- Litigation Finance: Revolutionizing Litigation
- Consumer-Focused Solutions for Financial Health
- Event: Consumer-Focused Solutions for Financial Health
- Sports: Power and Money in a New Age of Social Justice
- The Balancing Act: The Role of Whistleblowers in American Commerce and Government
- The Evolving and More Powerful FARA
- FCPA & Compliance in a Time of Uncertainty
- Shareholders vs. Stakeholders: Is the Paradigm Shifting?
- Guest Column
- Guest Blog: The Mainstream Media Gets an A for Intellectual Arrogance, an F for Journalism
- Buckle up Directors: Cybersecurity Risk and Bankruptcy Risk Are Not Mutually Exclusive
- Buckle up Directors: Cybersecurity Risk and Bankruptcy Risk Are Not Mutually Exclusive
- South Africa: The Slow Decline of the ANC
- Why CSR Fails and How to Fix It
- What to Expect Following the European Elections?
- Buhari Inaugurated. What Now for Nigeria?
- Marketing- It’s Up To You…
- Crisis Management lessons from the air-crash investigation model
- The Future of War
- Health
- Food Issues & the Biden Administration
- Covid-19: The Pandemic that Never Should Have Happened
- Pharma’s Post-Pandemic Policy Outlook
- Keeping Hope Alive
- Real Herd Immunity
- The Fiction of College Sports Amateurism
- Mac Summit: Crisis Communications in a Post-Covid, Post-Election World
- Travel Industry Communications in the Age of Covid-19
- Track of Time
- Is C-19 Taking Women Lawyers’ Careers Back to the 1950s?
- Post-Pandemic PR Strategy
- Bankruptcy: A Culture of Transparency
- In Memoriam
- Snider’s Super Foods: Locally World Famous
- Speak Truth With Love, Not Anger
- In Memoriam: Stephen Susman
- Letter to the Movement
- John Lewis’ Life Bridged the Best of America
- Albert Krieger, 1923-2020
- In Memoriam of Marcia Horowitz
- Jim Lehrer Passes Away
- Martin Luther King, Jr.
- Harold Burson Passes Away
- Interviews
- CommPRO: Ruth Bader Ginsberg’s Life & Legacy
- Richard Levick on “My Wakeup Call”
- Primerus Webinar: Into the Wind
- The Future of Baseball Post-Pandemic
- Webinar: The End of Brand Neutrality
- Thought Leadership & Organic Growth
- Man & Superman
- LEVICK Announces New Webinar Series with Turbine Labs
- Navigating Coronavirus Challenges in the Insurance Industry
- VIDEO: How to Anticipate & Avoid a Crisis
- What’s Next? with Julie Chase
- What’s Next?: California Electoral Behavior
- Law Firms
- Why Should I Apologize? Lawyers vs. Communicators
- You Took a PPP Loan. Now Get Ready to Talk About It.
- Beyond Black Swan: Positioning the law firm for the new normal
- A Salute to Personal Courage and the Rule of Law
- Cyber Risk Institute Expands Its Profile
- When a client becomes a law firm’s PR nightmare
- The General Counsel’s Dilemma
- A First Look at the Google Antitrust Suit
- The Latest Top Class Actions
- Trust on Trial: How Communicators Succeed in a World No Longer Trusted
- The Latest Settlements, Class actions, Investigations & More
- Managing Legal & Communication Advice in a Crisis
- Litigation
- Why Should I Apologize? Lawyers vs. Communicators
- A Conversation with Abbe Lowell
- Leveraging Legal Expertise in Communications
- You Took a PPP Loan. Now Get Ready to Talk About It.
- Beyond Black Swan: Positioning the law firm for the new normal
- A Salute to Personal Courage and the Rule of Law
- Cyber Risk Institute Expands Its Profile
- When a client becomes a law firm’s PR nightmare
- The General Counsel’s Dilemma
- WATCH: Revolutionizing Litigation Finance
- Litigation Finance: Revolutionizing Litigation
- A First Look at the Google Antitrust Suit
- Our Work
- Recent Awards & Recognition
- The Cyber Bad Guys Are Getting Worse
- Crisis Communications & The Age of Cancel Culture
- Standing on the Shoulders of Giants
- Video: Conversations with American Legends
- Staying Ahead of the Crisis
- A New Era of Insurance Marketing
- Infographic: Judgment Free Zone
- Infographic: Barriers to Entry
- Infographic: History Meter
- Assistance for Law Firms Engaged in Pro Bono
- Webinar: The End of Brand Neutrality
- Public Affairs
- The Fifth Estate: A Business Guide for Surviving “The Troubles”
- What to expect as the clock approaches midnight
- How to Stop the Madness
- Corporate Revolt Over Campaign Donations Shakes Political World
- No ‘justice’ in rep’s vote
- A Call for Orderly & Peaceful Transition of Power
- Recovering from the Greatest Sacrifice
- Food Issues & the Biden Administration
- The Cost of Government Regulation and the Threat to Free Enterprise
- What Happens Next?
- CSR & Sustainability
- A Conversation with Abbe Lowell
- Risk
- Ingredients of Decency
- ESG Performance and Credit Markets
- The Coronavirus Saga is Just Beginning
- No. 1 Risk of the Decade
- The Risk Evolution of Corporate Risk
- Extend Risk Management Reach
- Collective Action
- Risk Identifying Software
- The New Risk of Doing Nothing
- Political Unrest In Hong Kong
- High-Profile Kidnaps in African National Parks
- Cyber Resilience
- Social
- The Ministry of Common Sense
- How to Stop the Madness
- A Remembrance of Tommy Raskin
- No ‘justice’ in rep’s vote
- A Call for Orderly & Peaceful Transition of Power
- Recovering from the Greatest Sacrifice
- CSR & Sustainability
- A New Year’s Resolution
- Dropping the Mic
- Won’t You Be My Neighbor?
- Crisis, Covid, DEI & the Election
- MLK’s Memphis Address
- Technology
- Constella Intelligence Announces Hunter for Improved Investigation Capability
- Cyber Risk Institute Expands Its Profile
- Digital Politics: The Future of Voting Technology
- Ethics in Electronics
- The Cyber Bad Guys Are Getting Worse
- A First Look at the Google Antitrust Suit
- The Pause
- Cybersecurity Incidents of the Summer
- The Changing Digital Economy and Cyber Risks
- The Future of U.S. Manufacturing
- Tech CEO Summer Superbowl hearing
- Technology & Privacy Alert
- This Week
- A Remembrance of Tommy Raskin
- A New Year’s Resolution
- Over the River and Through The Woods
- Dropping the Mic
- Won’t You Be My Neighbor?
- The Cyber Bad Guys Are Getting Worse
- What We Hear
- Track of Time
- Video: Conversations with American Legends
- Conversations with American Legends
- A New Era of Insurance Marketing
- American Legend