Ransomware and Quintessential Leadership

Posted: May 19, 2017 in General Things about Quintessential Leadership
Tags: , , , ,

May 12, 2017 WannaCry Ransomware AttackWith the global proliferation of the WannaCry ransomware attack on May 12, 2017, the general population beyond the IT world, which has been battling these kind of ransomware attacks on a smaller and more localized scale for some time, was educated in the nature of, how fast, how damaging, and how crippling a ransomware attack on computer systems and networks can be.

Ransomware programs come in generally through an email attachment. The hardest part of combating this aspect, however, is that it may be attached to a legitimate email with a legitimate attachment (if the sender’s computer is infected), so the old rules about not opening emails or attachments from senders you don’t recognize don’t do you any good with ransomware.

This makes them stealthy and insidious, causing a world of trouble before you even realize what they’re doing.

Every ransomware program does five things when they are activated:

  1. They make copies all of the data files
  2. They encrypt all the data file copies
  3. They delete the original data files
  4. They hijack the system with a ransom note (usually demanding a bitcoin payment to have the files deencrypted)
  5. They find vulnerabilities in the network the system is on and spread quickly to unprotected systems and servers, where the first four steps are repeated

And if an infected computer sends an email with an attachment once a ransomware attack is underway, the program is sent to wreak the same kind of havoc on another computer, another network, and more servers.

It is likely because of how much medical and academic connectivity the EU has in place that the ransomware attack was so massive and affected so many computers and systems.

However, it will be interesting to see the forensics on how FedEx here in the US became part of the attack, since it would seem that they would have appropriate security in place to prevent a ransomware attack. In some ways, their seemingly lax security measures don’t surprise me, though.

The average person would probably never do anything online again if they really knew how little value many companies put on adequately securing their systems, adequately securing data, and doing systemwide backups on a comprehensive schedule using multiple, redundant platforms to ensure that data backup are real-time backups at any moment in time.

Many companies are so focused on their bottom lines that they are willing to roll the dice that a catastrophic system failure won’t happen to them, choosing instead to forgo the expense (both of expertise and mechanisms) and time to properly secure their data.

Some companies get lucky. And some don’t.

Ransomware programs are almost impossible to keep up with and to successfully combat and/or eliminate. Software security companies are always way behind in blocking them and offering current and reliable decryption tools.


Ransomware is always being tweaked by hackers and cybercriminals so that each iteration behaves slightly different from the one before it, so what might have worked yesterday – if the security companies could even keep up that fast (they can’t) – won’t work today.

It’s a losing battle that IT has never been able to get a real handle on and probably never will just because of the fluid nature of how ransomware (and other malware) works.

But there is another kind of ransomware that exists beyond the world of technology.

This ransomware comes in the form of people and it continually affects every type of organization – business, political, academic, non-profit, social, and religious – in one way or another.

This kind of ransomware works on the same basic principles as computer ransomware (I would submit that it began with the serpent in the Garden of Eden, because the methodology has never changed).

It comes in stealthily and unnoticed. It looks and sounds innocuous and legitimate. Once activated, it hijacks and takes everything it can get to hostage, and it demands a ransom with the promise that everything will return to normal once the ransom is paid.

We’ve all been witnesses to this kind of ransomware, but we may not all recognize it for what it is because people tend to be much better at being hidden ransomware than computer programs are.

Nothing is necessarily as blatantly in your face with people who are ransomware the way it is with a ransomware program, which is what makes them harder to detect and combat and/or eliminate.

Let’s look at some common ransomware examples that are infecting organizations.

One is the person who has enough power to have their fingers in a lot of pieces of the pie in the organization (even though many of these are not officially within their job function).

This ransomware hijacks the organization through control (where each person in the organization stands personally, by whether they like you or not, with this ransomware depends on whether that person is able to operate effectively – do their job – or not) and through sniffing out potential rivalries or conflicts and actively pitting the people involved against each other.

This ransomware thrives on chaos and drama, but they are so good at their method of infection that they never get involved personally in the messes they are continually initiate and then fuel into a full-blown conflagration.

This ransomware also, in rivalries and conflicts, will often seem to side with each person in the rivalry or conflict, while in fact, as they watch the situation unfold, they will pick a winner and make sure everyone else fails, because they have the power within the organization to do that.

This ransomware takes the organization hostage by interfering with the normal flow of operations and manipulating the productivity and ability of people within the organization to do what they were hired to do. Organizations lose good people under false pretenses all the time because of this type of ransomware.

Another common kind of ransomware in organizations is the executive utility player. This person doesn’t really have a defined role or function within the organization, but they are the right-hand person for the CEO or president of the organization.

What they really do is clean up messes – personal or organizational – by whatever means are necessary to sanitize the CEO or president and the organization.

This ransomware knows where all the bodies are buried, and because they’re the keeper of secrets, they have the trust of the CEO or president of the organization.

Therefore, they wield a great deal of power within the organization and they hijack the organization by using this power in a very Machiavellian fashion to effect the rise or fall of people within the organization.

This kind of ransomware tends to be affable with a caustic edge, but it’s impossible to ever tell what they are really up to or what they really think or believe. They take the organization hostage – sometimes leaving quite a bloodtrail behind them – by always ensuring what’s best for them is the outcome instead of what’s best for the organization.

A third common type of ransomware in organizations is the person who is devoted to idea the perfection of the organization as an institution instead of to the people who actually are associated with the organization.

This ransomware is one of the most insidious to an organization because on the surface it looks like everything they are doing is for the organization (and they often don’t even realize they are ransomware), but the reality is that they are gutting the organization.

This ransomware hijacks the organization by demanding complete loyalty and devotion to the organization. It will not entertain anything that’s not already in place within the organization because this ransomware believes the organization is already perfect.

This ransomware also believes that the organizational status quo is perfect and right and doesn’t even need to be discussed to see if things can be done better or differently, if the facts bear out that would be the right thing to do.

This ransomware will do anything, even at times spinning and slanting the truth or not bothering with the truth at all, to preserve its idea of the perfection of the organization as an institution.

This ransomware takes the organization hostage by driving away the people who are associated with the organization, but who are basically bound and gagged from actually doing or saying anything that might improve or help the organization become better.

There are many other kinds of people ransomware. I challenge each of you to look around for ransomware in your life. Anyone that acts like ransomware as defined by the basic characteristics describe above is, in the end, ransomware.

As always, though, for those of striving to be quintessential leaders, each of must now look in the mirror and examine ourselves in relationship to this topic. While it’s easy to see in others, it is never so easy to see in ourselves.

But we must determine whether we are, in fact, ransomware in any part of our lives.

Are there any behaviors of ransomware – infecting, destroying, hijacking, or holding hostage for a ransom – that define who and what we are and are doing?

If so, we need to combat and eliminate them immediately because this is the opposite of quintessential leadership.

How are we doing?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s