How To Prevent Ransomware (and Leprechauns) From Locking Up Your Data

St. Patrick’s Day is right around the corner, but before you crowd into your local pub and raise a green pint in honor of the Irish patron saint, keep an eye out for mischievous leprechauns… a.k.a. cybercriminals. No pot of gold is safe, including your company data.

Leprechauns may be the stuff of folklore, but ransomware attacks are all too real. This style of cyberattack is steadily on the rise, growing by 128% year over year. And just like a pesky leprechaun on St. Pat’s, this threat isn’t going away. Focus on how you can start preventing your company from becoming the threat’s latest victim:

Get to Know the Enemy

Ransomware is a form of malware that uses encryption to hold a victim’s data and files hostage. Once in control, the attackers force victims to hand over hefty ransoms to get their data back. Your company’s gold may be forever lost at the end of a distant rainbow.

Fortunately, there are steps every organization can take to mitigate the risk of attack, spot attempts to deliver ransomware early on, and stop would-be attackers cold in their tracks. But before we examine the solution, let’s dive into the nature of an intrusion by following the dreaded “Ransomware Leprechaun.”

The Moment of Attack

Ransomware attacks often use zero-day malware to increase their chances of success. These are malware files altered just enough that signature-based security defenses do not recognize them. Like rainbows in the distance, these zero-day attacks guide our ransomware leprechaun straight to your company’s most valuable assets – and no device is safe.

An attack often begins when a victim encounters a compromised website, advertisement, or URL page element. Either using social engineering or simply waiting opportunistically for a visitor, cybercriminals lure the victim into visiting the pages where they become infected. More sophisticated attackers will even exploit a victim’s locale and/or favorite web services (e.g. a local government user visiting a Chamber of Commerce site) in a targeted attack. Once a person has been infected by ransomware, the malware can immediately begin to lock files and data across networks and devices. By the time you can react, the leprechaun-like cybercriminal is already inside.

Prevention and Protection

It’s never too early to start focusing on how you can prevent your company from becoming ransomware’s next victim. Adopt first-class security solutions to protect your company and data, such as McAfee Web Gateway, which deploys a multi-layered defense strategy that actively and automatically identifies zero-day attacks and stops them before any damage is done. Here’s how it works:

First, web gateway technology acts as the front line of defense by assessing the reputation of incoming URLs, automatically blocking known infected elements.

Then, in its next layer, machine learning intelligence identifies the attributes of ransomware through a process we call Behavioral Emulation. Because ransomware attacks continue to grow in complexity via code changes and the discovery of new zero-day vulnerabilities, a truly secure defense system requires agility and must be able to recognize malignant code organically, without the need for human intervention.

Rather than looking for known file signatures, Behavioral Emulation uses machine learning algorithms to look for suspicious behavior. Perhaps it is a snippet of JavaScript looking for an exploit in an unrelated program, or an encrypted Flash video calling out to an unknown server. Once these behaviors are identified, the web gateway flags them and diverts those suspicious elements before they reach the end user. It’s like a ransomware “leprechaun net,” protecting everything, gold included, downstream.

Keep Your Company Safe, and Your Gold Safer

Ransomware attacks can happen at any time, to anyone. But the good news is you don’t have to rely on a leprechaun net to keep a cybercriminal from doing serious damage to your devices. Simply understand how ransomware paves a path for extortion and, more importantly, have the right solutions in place that are capable of warding off even the most creative, cutting-edge attacks.

To make sure that you guard your company, your employees, and your “gold” from these attacks, check out our overview on how to Defeat Ransomware. Additionally, see how we’re collaborating with the industry and law enforcement to disrupt the business of ransomware cybercrime through the initiative at

And to learn more about protecting your company from ransomware attacks or for regular updates on all things security, follow us on Twitter @IntelSec_Biz and join in the conversation by using the hashtag #LepreCONs.

