Following Ransomware’s Path to Extortion

By on

 

It comes as no surprise that ransomware is the fastest growing form of criminal malware, accelerating in quantity 128% year over year.

This plethora of ransomware is, however, primarily acting across one type of playing field- the web. In fact, 80% of the methods used to deliver criminal malware are web-based, such as a drive-by download, email link, or download by malware itself. Ransomware is no exception.

In an effort to fight web-based ransomware attacks, most security teams run web-filtering technology in either a secure web gateway or firewall. This typically involves utilizing signatures that security vendors issue after seeing the malware for the first time, or technologies like network sandboxing and next-generation endpoint security, both of which identify threats without the use of signatures.

But network sandboxing is rarely implemented in a “blocking” mode, since ineffective pre-filtering allows a large volume of files to queue up at the sandbox, which takes time to process and ends up disrupting productivity for the user. Adding new endpoint technologies in isolation can further fragment security operations, resulting in additional time spent on integration, training, and management instead of improving security posture. In fact, 62% of security professionals admit that this “technology sprawl” actually reduces their security efficacy.

Clearly, this doesn’t get the job done, especially as code-changing, zero-day attacks render many web-filtering technologies ineffective.

So, what now? How do you defeat polymorphic attacks, or, essentially, defeat the unknown? How can businesses keep up with an ever-evolving, dangerous threat like ransomware? First and foremost, it’s time to get a better understanding of how this threat actually works so you can improve your ability to stop it.

To do just that, follow along ransomware’s path to extortion to dive deep into this threat and learn how to adapt your protection. 

 

 

Leave a Comment

Similar articles

The risk to your family's healthcare data often begins with that piece of paper on a clipboard your physician or hospital asks you to fill out or in the online application for healthcare you completed. That data gets transferred into a computer where a patient Electronic Health Record (EHR) is created or added to. From ...
Read Blog
Do you live in a “smart” home? If you look around and see interactive speakers, IP cameras, and other internet-connected devices like thermostats and appliances, you are now one of the millions of people who live with so-called "smart” devices. They bring convenience and comfort into our lives, but they also bring greater risks, by ...
Read Blog
In collaboration with Bill Siegel and Alex Holdtman from Coveware.   At the beginning of 2019, McAfee ATR published an article describing how the hasty attribution of Ryuk ransomware to North Korea was missing the point. Since then, collective industry peers discovered additional technical details on Ryuk’s inner workings, the overlap between Ryuk and Hermes2.1, ...
Read Blog