IT Security Guru

Defending against the fastest growing threat of 2016 – Ransomware

by The Gurus
February 10, 2017
in This Week's Gurus

Carbon Black data shows that ransomware instances grew by more than 50% in 2016 compared to 2015. In fact, ransomware emerged as the fastest-growing malware across all industries in 2016, with major increases seen at technology companies, energy and utility companies and banking organisations. As a result, we do not expect ransomware to slow down anytime soon, and seeing as it's on track to be a $1 billion crime in 2017, it is still paying significant dividends for attackers.
Not only this, but ransomware is quickly evolving in sophistication as well. Payloads are increasingly infecting hundreds of machines at once. This was witnessed just last month when a string of ransomware attacks on MongoDB databases left roughly 27,000 servers compromised, with the attackers demanding significant financial reward in exchange for the stolen data.
Cybersecurity news was dominated in 2016 by the go-to ransomware family for attackers, Locky. Only released last year, Locky ransomware is typically delivered via a phishing email that prompts a targeted victim to enable malicious macros via Microsoft Word. These macros then run a file that delivers an encryption Trojan, preventing the victim from accessing their files. Following the file encryption, the victim receives a message with instructions on how to pay a Bitcoin ransom to decrypt the files.
Having gained notoriety in February 2016, data shows that Locky was used in one out of four ransomware-based attacks last year and has evolved several times since then. Most recently, attackers have been using Facebook instant messaging to spread Locky ransomware.
When it comes to ransomware, prevention is the most effective defence. So how can organisations protect themselves against ransomware?

  1. Back up data regularly. Verify the integrity of those backups and test the restoration process to ensure it's working. In addition, secure your offline backups. If you're infected, a backup may be the only way to recover your data. Ensure backups are not connected permanently to the computers and networks they are backing up.
  2. Block access. Configure firewalls to block access to known malicious IP addresses and logically separate networks. This will help prevent the spread of malware. If every user and server is on the same network, newer variants can spread.
  3. Train your employees. Implement an awareness and training programme. End users are targets, so everyone in your organisation must be aware of the threat of ransomware and how it’s delivered.
  4. Scan all incoming and outgoing emails. Scanning ensures threats are detected and executable files are prevented from reaching end users. Furthermore, enable strong spam filters to prevent phishing emails from reaching end users, and authenticate inbound email using technologies such as Sender Policy Framework (SPF), Domain-based Message Authentication, Reporting and Conformance (DMARC), and DomainKeys Identified Mail (DKIM) to prevent spoofing.
  5. Block ads. Ransomware is often distributed through malicious ads served when visiting certain sites. Blocking ads or preventing users from accessing certain sites can reduce that risk.
  6. Assign administrative access only when needed. If a user only needs to read specific files, the user should not have write access to them.
  7. Leverage next-generation antivirus (NGAV) technology to inspect files and identify malicious behavior to block malware and malware-less attacks that exploit memory and scripting languages.
  8. Categorise data based on organisational value and implement physical and logical separation of networks and data for different organisational units.
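
To make point 4 concrete, here is an added example (not from the original article or from Carbon Black) of a filter step that reads the `Authentication-Results` header stamped by the receiving gateway and delivers a message only when SPF or DKIM passed for a domain aligned with the visible `From:` address, which is the check DMARC adds on top of SPF and DKIM. The gateway id `mx.example.net`, the two-label organisational-domain shortcut and the sample messages are assumptions; it also assumes the gateway strips any inbound header that already carries its own id.

```python
import re
from email import message_from_string
from email.utils import parseaddr

TRUSTED_AUTHSERV = "mx.example.net"  # assumption: the id your own gateway stamps

def org_domain(domain):
    # Simplification: last two labels. Real deployments use the Public Suffix List.
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])

def auth_results(msg):
    """Collect (method, result, domain) from headers written by our gateway only."""
    found = []
    for raw in msg.get_all("Authentication-Results", []):
        value = re.sub(r"\([^)]*\)", "", " ".join(raw.split()))  # unfold, drop comments
        authserv, _, rest = value.partition(";")
        if authserv.lower().split()[:1] != [TRUSTED_AUTHSERV]:
            continue  # any other id may have been added by the sender
        for clause in rest.split(";"):
            m = re.match(r"\s*(spf|dkim)=(\w+)", clause)
            p = re.search(r"(?:smtp\.mailfrom|header\.d)=(\S+)", clause)
            if m and p:
                found.append((m.group(1), m.group(2).lower(), p.group(1).rsplit("@", 1)[-1]))
    return found

def verdict(raw_message):
    """'deliver' only if SPF or DKIM passed for a domain aligned with From:."""
    msg = message_from_string(raw_message)
    from_domain = parseaddr(msg.get("From", ""))[1].rsplit("@", 1)[-1]
    aligned = any(result == "pass" and org_domain(dom) == org_domain(from_domain)
                  for _, result, dom in auth_results(msg))
    return "deliver" if from_domain and aligned else "quarantine"

# Constructed sample messages on reserved example domains (not real traffic).
LEGIT = (
    "Authentication-Results: mx.example.net; spf=pass smtp.mailfrom=bounce@mail.example.com;\n"
    " dkim=pass header.d=example.com\n"
    "From: Billing <billing@example.com>\nSubject: Statement\n\nbody\n")
SPOOFED = (  # SPF passes, but for the sender's own domain, not the one shown in From:
    "Authentication-Results: mx.example.net; spf=pass smtp.mailfrom=news@example.org; dkim=none\n"
    "From: Billing <billing@example.com>\nSubject: Invoice\n\nbody\n")
FORGED = (  # sender pre-inserted a header under a different authserv-id
    "Authentication-Results: mx.example.net; spf=fail smtp.mailfrom=x@example.org\n"
    "Authentication-Results: mail.example.org; dkim=pass header.d=example.com\n"
    "From: Billing <billing@example.com>\nSubject: Invoice\n\nbody\n")

if __name__ == "__main__":
    for name, raw in (("legit", LEGIT), ("spoofed", SPOOFED), ("forged", FORGED)):
        print(name, verdict(raw))
```

The spoofed sample shows why an SPF pass alone is not enough: the check passed for the envelope sender's domain, while the recipient sees a different domain in `From:`.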

While ransomware continues to generate headlines, it is still only a piece of the overall malware scope. Even with its rapid growth, ransomware still only accounts for 2% of total malware seen in 2016.
With ransomware attacks showing no sign of abating, it is essential that organisations looking to defend against ransomware in 2017 are well versed in the prevention methods presented above.
 
Written by Eric O’Neill, National Security Strategist, Carbon Black
