Interview: An Air Force Project Manager Explains How to Understand and Prevent Ransomware Attacks

A conversation with Certified Ethical Hacker John York

Despite being just halfway through 2022, ransomware attacks have already caused significant damage this year. Last month alone, hackers targeted web hosting providers, healthcare systems, and major library services, among several other high-profile attacks. The EC-Council team caught up with John York, a Certified Ethical Hacker (C|EH) from the United States who currently works as a project manager in the U.S. Air Force, to get his insights on ransomware attacks and how to prevent them. https://youtube.com/watch?v=elO8nm9668A%3Ffeature%3Doembed In this interview, John explains what ransomware is, how ransomware attacks work, and what companies can do to protect themselves.

What is a ransomware attack?

Ransomware is a form of malware specifically designed to remove access from an organization to its file system. Modern ransomware attacks have evolved from simply encrypting files and demanding payment for a decryption key to complex attacks that add data extraction and extortion to the attacker’s playbook.

How would you define a ransomware attack?

A ransomware attack encrypts the file system so that, without a decryption code, all the information stored in the organization’s file servers is inaccessible.

How does a typical ransomware attack work?

In a typical ransomware attack, the threat actor encrypts the organization’s file system, holding the decryption key ransom. That’s what gives it its name

What strategies can be used to avoid ransomware attacks?

The best strategy to avoid ransomware is understanding that there is no 100% safe solution. Ransomware can affect any organization. Without the proper backups, any organization can fall victim to ransomware. The best solution is to implement immutable backups.

“The best solution is to implement immutable backups.”

Immutable backups are backups that cannot be altered. So, if you do fall subject to ransomware, the backups are not accessible to the ransomware and can be used to restore your live data.

Is your IT team equipped to deal with ransomware attacks?

Learn how to counter cyberattacks with the C|EH, the world’s leading ethical hacking certification. Contact EC-Council to register today.

Build a Rewarding Career with the C|EH Fast-Growing Job Market

1,800+ ethical hacking job openings on LinkedIn alone1

Competitive Salary

C|EHs in the U.S. earn over $82,000 per year on average2

Wide Range of Opportunities

Prepare for 20+ cybersecurity job roles with the C|EH

  1. https://www.linkedin.com/jobs/search/?geoId=92000000&keywords=ethical%20hacker&location=Worldwide
  2. https://www.payscale.com/research/US/Job=Certified_Ethical_Hacker_(CEH)/Salary

References

BlackFog. (2022). The state of ransomware in 2022. https://www.blackfog.com/the-state-of-ransomware-in-2022/

Feuer, W. (2022, May 9). Omnicell discloses some systems affected by ransomware. MarketWatch. https://www.marketwatch.com/story/omnicell-discloses-some-systems-affected-by-ransomware-271652100711

Greig, J. (2022, May 22). German library service struggling to recover from ransomware attack. The Record. https://therecord.media/german-library-service-struggling-to-recover-from-ransomware-attack/

Selsky, A. (2022, May 10). Hackers hit web hosting provider linked to Oregon elections. Oregon Public Broadcasting. https://www.opb.org/article/2022/05/10/hackers-hit-web-hosting-provider-linked-to-oregon-elections/


Disclaimer

Views expressed in this interview are personal. The interview has been produced with the aid of a transcription service and may contain dictation, typographical, technical, and/or other errors. The facts, opinions, and language in the interview may not reflect the views of EC-Council or the interviewee’s employer, and EC-Council does not assume any responsibility or liability for the same.

Share this Article
Facebook
Twitter
LinkedIn
WhatsApp
Pinterest
You may also like
Recent Articles

Train with EC-Council