Reset on Ransomware, a Cybersecurity Attack that Uses Malware to Exploit System Vulnerabilities

September 7, 2018

Hikvision Outlines ‘Defense in Depth’ as Key Step to Reduce Security Concerns

Hikvision Outlines ‘Defense in Depth’ as Key Step to Reduce Security Concerns 


A recent article by provides an overview of ransomware, a cybersecurity attack that uses malware to exploit system vulnerabilities.

Ransomware is a type of malware (malicious software) that locks up a victim’s data so it can only be decrypted with an encryption key, which is provided to the victim once they make a ransom payment, often paid in cryptocurrency such as bitcoin, according to the article. Verizon’s 2018 Data Breach Investigations Report uncovered that ransomware accounts for 85 percent of all malware found in healthcare systems and accounts for more than 50 percent of discovered malware.

WannaCry is a recent high-profile ransomware attack that exploited a vulnerability in the Microsoft Windows operating system. From the article: “WannaCry is estimated to have infected more than 300,000 systems across 150 countries in a matter of days.” The author, Ray Coulombe, also details others cases such as SamSam ransomware that hit the City of Atlanta in March 2018, and GandCrab, which is typically delivered through phishing emails.

Recommended procedures to reduce security concerns from malware include the use of strong passwords, multi-factor authentication, and disabling unused ports. The article also outlines “defense in depth,” a risk management approach that uses diverse defensive strategies.

Hikvision’s director of cybersecurity, Chuck Davis, advocated for “defense in depth” in a recent blog post. “It’s based on the idea that multiple layers of defense will provide additional protection against a potential cyberattack. This includes network segmentation, which simply stated means splitting a network into separate networks that are isolated, not connected, and compromising one won’t compromise the others. … This is effective for the obvious reason of keeping sensitive resources only accessible by those who need access, but it is also an effective means of compartmentalizing a network environment in case of cyberattack or malware infection,” said Davis.

IMPORTANT! This model requires non-standard firmware. Do Not Install standard firmware (e.g. v.4.1.xx) on this model. Doing so will permanently damage your system. You must use custom firmware v.4.1.25 from the iDS-9632NXI-I8/16S product page.

By downloading and using software and other materials available via this website, you agree to be legally bound by HIKVISION General Terms of Use . If you don’t agree to these terms, you may not download or use any of those materials.

If you are agreeing on behalf of your company, you represent and warrant that you have legal authority to bind your company to the General Terms of Use above. Also you represent and warrant that you are of the legal age of majority in the jurisdiction in which you reside (at least 18 years of age in many countries).