Infiltration

Infiltration is gaining access to an enterprise's system without its consent in order to obtain information and use it to conduct malicious activities. Many enterprises use networks to connect information to their users and to people within the organization (Holzer & Lerums, 2016). These wireless networks are vulnerable to attackers if they are not well protected.

An enterprise would find it necessary to practice infiltration as a response to a hacking activity, a process known as “hacking back”, in order to find information about the hacker. Enterprises practice it because, in most cases, law enforcement is slow to extract evidence. Furthermore, even if the authorities have clear evidence of who did it, prosecution is slow and inconsistent. Some claim that the systems attackers use are mostly vulnerable and that infiltration therefore helps incapacitate those systems as part of finding an overall solution to ensure safety against further hacking (Holzer & Lerums, 2016). A company also needs infiltration techniques to test the security of its networks and to point out vulnerable areas that need extra protection measures, including sensitizing employees to the practices that might lead to such infiltrations.

When a company is hit by ransomware, malware that can lock up the system until a payment is made to the extortionist, there is no specific cost, as the attackers make their demands informally (Olenick, 2020). As an example, Atlanta, a company in US, was hit by SamSam ransomware in 2018 and declined to pay the $51,000 ransom demanded after they were unable to decrypt the information, and eventually ended up spending $17 million and a number of days rebuilding the network (Olenick, 2020). Baltimore found itself in a similar situation, refused to pay $76,000, and ended up spending around 18 million and taking almost a year to rebuild its network.

There is a question about whether enterprise infiltration practices are legal, and also whether it is good to practice them. Most laws do not clearly address the grounds for practicing infiltration. However, they discourage hacking in general terms. For instance, the Federal Bureau of Investigation of the US terms hacking illegal whether it is ethical or not, and advises companies to be honest and pay the ransom as they pursue enforcement of the law (Olenick, 2020).

References

Holzer, C. T., & Lerums, J. E. (2016, May). The ethics of hacking back. In 2016 IEEE Symposium on Technologies for Homeland Security (HST) (pp. 1-6). IEEE.

Olenick, D. (2020). Ransomware: To pay or not to pay | SC Media. Retrieved 19 May 2020, from https://www.scmagazine.com/home/security-news/ransomware/ransomware-to-pay-or-not-to-pay/