Thanks to the widespread coverage that the WannaCry and the Petya attacks received in 2017, ransomware is no longer an unknown or misunderstood terms, especially for those whose work revolves around handling cybersecurity. In fact, ransomware – which basically refers to malicious software that locks systems or encrypts data and demands a ransom in exchange – threats are continuously evolving. The level of sophistication is only getting smarter. For organizations, big or small, there is only counter-attack: proactivity and prevention.
The malicious minds behind ransomware attacks are smart and they keep in touch with industry trends, designing threats which supersede existing cybersecurity standards. In fact, both WannaCry and Petya themselves exploited a specifically programmed exploit for scanning IP addresses. According to a survey, 42 percent of companies have experienced ransomware attacks.
Channels of ransomware infection
The two most common channels through which ransomware infiltrate a system are through email and compromised websites. In fact, 93% of all phishing emails contained encryption ransomware in 2016. To make these emails look genuine and convincing, they are disguised as invoices, tax forms, letters from a co-employee or a boss. On the other hand, compromised websites are used by hackers to hide an exploit kit. When these websites are visited, the exploit kit scans the website or any software for security vulnerabilities which it can exploit. This vulnerability will be exploited by the installation of a ransomware.
Seqrite’s Endpoint Security (EPS) solution offers a comprehensive security for workstations, laptops and servers which integrates various advanced features including Anti Ransomware. In April 2017, the advanced version of Seqrite EPS was certified BEST+++ by AVLab – the EPS Enterprise Suite edition was 100% effective in detecting and blocking malicious files of crypto-ransomware thus earning the AVLab BEST+++ award.
Some of the key features of the solution which enable network administrators to fight the evolving breeds of ransomware are:
1. Signature Based Detection
Endpoint Security’s Intrusion Prevention System (IPS) continuously examines network flows to detect and prevent vulnerability exploits. During the outbreak of the WannaCry attack, the Intrusion Prevention layer blocked nearly 48,000 attacks in the first few days of the attack, keeping networks safe. With this feature, attacks from various sources such as IDS/IPS, Port Scanning attack, Distributed Denial of Service (DDoS) are detected.
Also, the Email Scan Protection scans incoming mail regularly and blocks ransomware, while providing protection against zero-day threats. Virus Protection enables real-time protection and defends the system from viruses and potential threats.
2. Behavior Based Detection
The Behavior Detection System (BDS) offers advanced, dynamic protection against rapidly evolving threats. The Advanced DNA Scan, which is an indigenous Seqrite technology, monitors activity on systems and immediately takes action against any suspicious activity flagged. The detection can be categorized based on their criticality level as Low, Moderate and High. The level can be selected depending on the frequency of suspicious files detected.
The Anti-Ransomware feature allows systems to protect themselves from ransomware attacks. It is able to successfully detect and block hundreds of ransomware across enterprises (as well as individual enterprises). Between January and June 2017, around 1 million ransomware per month was blocked by Quick Heal/Seqrite.
4. Screen Locker Protection
Ransomware operates by taking control of your system and especially your screen by locking it and preventing any access to it. The Screen Locker Protection feature allows users a defense against this tactic – by pressing Alt + Ctrl + Shift + A, malware can be disabled and you can regain access to your screen.
5. Back-Up And Restore
Thanks to this feature, network administrators do not have to worry about critical data being lost. The Back-Up and Restore feature automatically takes back-up of files. At periodic intervals, a backup of the most important and confidential files at the endpoint are automatically backed up.
Ransomware is a dangerous new breed of malware but there are ways to protect systems from it. Network administrators can consider Seqrite’s Endpoint Security solution to bolster their cybersecurity defense.
As an IT security partner for your business, Seqrite provides comprehensive security from advanced cyber threats. To know more