Dark Reading is part of the Informa Tech Division of Informa PLC
This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
| Excellent article plus its information and I positively bookmark to this site because here I always get an amazing knowledge as I expect. |
| Excellent article plus its information |
7 New Cybersecurity Vulnerabilities That Could Put Your Enterprise at RiskIn this Dark Reading Tech Digest, we look at the ways security researchers and ethical hackers find critical vulnerabilities and offer insights into how you can fix them before attackers can exploit them.
The Changing Face of Threat Intelligence
This special report takes a look at how enterprises are using threat intelligence, as well as emerging best practices for integrating threat intel into security operations and incident response. Download it today!
Tweet This
17 Comments
User Rank: Strategist
11/21/2016 | 10:10:36 AM
That being stipulated, it should be rather easy to have the OS, or any OS, monitor activities for encryption and notify users of questionably nefarious activities.
Online game makers have long ago created CPU process monitors to prevent realtime game 'cheating'.
The function is simple to understand, monitor for encryption code running in the cpu rather than the contents of an executale. Then stop it unless the user permits. Otherwise send it to AV for cleanup. Building it is a bit more complex as was the one my firm built for a client. Really the CPU resources and disk activity of full disk encryption is really easy to detect.
Ransomware exists because we make computers with an interface non technical people can use, It wouldn't live very long in a command line OS. Holding users responsible for their failures just adds more stuff people will ignore. It is the responsibility of the service, software or vendor to protect the user.
As an analogy: If you rent a hotel room for a night, go to dinner and your door doesn't lock, and someone comes in and spray paints the room and your possessions, who is ultmately responsible for the loss? You as temporary rentor of the service, or the security of the hotel?
We need legislation to clearly identify responsibility and the limits of that responsibility.
Still, it is a problem that technology created, one that is beyond the technical expertise of most users, and one that is solvable through intelligent technology.