The End of Ransomware
The Wall Street Journal carried a story yesterday about a hacked school district in Nevada where personal data for 320,000 students was published online when officials didn't pay the ransom. The hackers published social security numbers, grades, etc. which is obviously awful news for the affected students who already are having to cope with Covid-19 related problems.
What's really tragic is it didn't have to be this way. A ransomware attack like what happened to Nevada is only possible if the hacker can threaten to reveal private information. Encrypt the information and the hacker's threat is meaningless.
While the WSJ article did not report how the 320,000 student records were stored, it's a safe bet they were in a database since there is no other way to efficiently search and process that amount of data. And it's also perfectly understandable that it was unencrypted; until recently encrypting the data stored in a database would break the database. Today, however, that's no longer true and Aroki's family of SAFE products provide full protection for MongoDB, Elasticsearch, and DynamoDB (and other platforms are coming). We encrypt the data in such a way that it is complete gibberish to anyone lacking the security key and yet it can still be processed by a database.
Ransomware attacks cost the U.S. an estimated $7.5 billion in 2019 according to this MIT Technology Review article. Not all of that was for attacks like Nevada's but if the data held for ransom by hackers was valueless because it was random noise - i.e., because it was encrypted - that would be a major step towards ending the $7.5 billion ransomware business.