Skip to content
Originally published on TechTarget. Alvaka’s COO and CISO—Kevin McDonald—discusses that, although cyber attackers are the main culprits for ransomware attacks, the companies that release flawed software or those who don’t install patches are not off the hook.
In early May, hackers infiltrated the Baltimore, MD, computer network. The ransomware attack ended normal business operations, interrupted critical city services, cost the city millions and inconvenienced hundreds of thousands of residents.
Baltimore joined the list of other cities that have fallen victim to serious ransomware threats that affect business and commerce. While ransomware attacks have many variations, they generally make victims’ data unrecoverable due to strong encryption enabled by cyberattackers who then demand payment to decrypt the data.
While Baltimore may be typical of many ransomware attacks against government and businesses, it is atypical in other ways. The city said the attack was facilitated by the use of EternalBlue, a cyberweapon developed by the U.S. National Security Agency (NSA). The capability behind EternalBlue was allegedly stolen from or leaked by an NSA employee and later released in April 2017 by a group called the Shadow Brokers. [Click HERE to read an article written by Kevin McDonald in 2017 predicting outcomes like this.]
Fingerprints of EternalBlue’s use by cybercriminals actually showed up as early as 14 months before the Shadow Brokers dumped the files. The NSA disputes Baltimore’s claim that EternalBlue is involved in the attack. But the NSA’s objection doesn’t change the basic problem — that cyberweapons were either stolen or released, and U.S. government tools were subsequently used to attack businesses and individuals. Baltimore refused to pay the ransom, and the city’s government asked for millions of dollars in relief from the federal government, which ultimately means from the taxpayers…
Click here to read the full article on TechTarget.
Blog written by Kevin McDonald, COO & CISO – Alvaka Networks
Kevin B. McDonald is the chief operating officer and chief information security officer at Alvaka Networks. Kevin is a trusted technology and security practitioner and public policy advisor to some of America’s most influential people and organizations. He advises corporate executives, federal and state legislators, law enforcement, high net worth individuals and other business leaders. He is a sought after consultant, writer, presenter and trainer on the issues surrounding personal, physical and cyber security, compliance and advanced technology. Kevin has written for and been interviewed by dozens of national publications and on major television, radio and digital outlets.
You want to enter in a fully burdened labor rate for this field. What that means is that you want to take the base hourly rate, plus 25-30% for employer payroll taxes, benefits, vacation/holiday time, etc.
Smoke testing is a type of software testing performed by Alvaka after a software patching sequence to ensure that the system is working correctly and to identify any misconfigurations or conflicts within the patched system.
This is a basic cost calculator for you to compute your typical monthly cost for patching your servers, PCs, laptops, tablets and associated application software. It also forms the basis for you to begin calculating your Return on Investment for software patching, or for comparison with alternatives to the manual process of patching operating systems and application software—such as Patch Management as a Service, also known as Vulnerability Management as a Service.
You want to enter in a fully burdened labor rate for this field. What that means is that you want to take the base hourly rate, plus 25-30% for employer payroll taxes, benefits, vacation/holiday time, etc.
Smoke testing is a term used to describe the testing process for servers after patches are applied.