Susmita Sankaran 12 January 2018

It’s only a matter of time before you become the next victim of a ransomware attack!

Remember the good old days when we talked about a number of computers getting infected by malicious content? If you think of the meteoric rise of ransomware in the past few years, the good old Trojan looks almost friendly and harmless in comparison.

As opposed to a few thousand computers getting affected then, these viruses can affect countries and continents. What’s more, there is an actual ‘ransom’ you have to pay to get access back to your data. Welcome to the age of Cyberwar! But do you have enough ammo to protect yourself?

Since the day the first ransomware attack was launched, the information security world has been abuzz with various control measures to adopt to arm yourself against a ransomware attack. What most of them fail to point out is that we are not just talking about the infamous crypto ransomware; there is a plethora of ransomware out there, such as Leakware/Doxware, Crysis, Samsam, Cerber and Locky-Zepto, just to name a few. To protect yourself against a vast variety of malicious content, you need a healthy mix of different controls in place, such as:

  1. Perimeter Security (Email Security Gateway, Firewalls, Web Security Gateways)
  2. Endpoint Security: Traditional Antivirus, Endpoint Security AND/OR End point privilege access management
  3. Patch Management
  4. Vulnerability Scanners
  5. Application Whitelisting/Blacklisting/Gray Listing
  6. Port Security, and so on.

Above all, keep a robust and continuous backup in place.

[Figure: Ransomware Evolution Practices]

While various levels of controls are identified for ransomware protection, the most vulnerable and frequently exploited is the END POINT. With new variants of malware and ransomware being introduced in the market, traditional endpoint security alone is no longer sufficient. Ransomware-as-a-service is an undeniable reality, which arms even the most amateur cybercriminal with enough ammo to launch their own customized attacks. Traditional end point solutions can be helpful when you know what you’re looking for, but when it comes to ransomware, there are new variants coming out every day. Signature-based end point protection will no longer suffice. Hence, next-gen end point protection solutions combined with end point privilege access management solutions are the need of the hour; these may function independently or in conjunction with traditional end point security.


The next-gen end point security and privilege access management solutions also offer behavioral analytics, i.e. analysis based on machine learning, artificial-intelligence-based threat detection measures, etc. These advanced features make next-gen end point security solutions much smarter than traditional tools, which depend heavily on signature- or heuristic-based prevention of malicious content.

It is also important to look for end point security tools that offer sandbox analysis, specific in-built ransomware policies, end point isolation (after detection) with minimal effort, rollback of changes, application white/black/grey listing capabilities, and activity recording. Integration with SIEM, network security and threat intelligence solutions can significantly improve the overall adaptability of the end point security suite.

End point privilege escalation is the feature most frequently exploited by attackers, yet it remains one of the most neglected and highly vulnerable areas. An end point security tool that offers removal of administrative rights on end points without affecting user capabilities is the key to avoiding such attacks.

Unfortunately, there is no single vendor in the market today offering all the above prevent & protect capabilities in an end point security suite.

The Best Defense Strategy at End point

A comprehensive approach to fending off ransomware at the end point must follow the Detect, Protect, Sustain model. Detection methodologies, a combination of manual and tool-based, need to be adopted to identify ransomware, including ransomware in stealth mode. Any new suspicious content entering the network should be blocked and reported. Protection controls on the endpoint should focus on application whitelisting/blacklisting/grey listing, enforcement of ransomware protection policies, blocking unauthorized access, RBAC, and removal of admin access, among others. Any defense strategy is ineffective without a proper Sustain plan in place, which must include, but is not limited to, continuous monitoring, incident management and analysis, patch management, internal audits, periodic reviews, policy updates and, most important, regular backups and testing.

Whether you decide to stay with traditional end point security or upgrade to next-gen end point security and end point privilege access management is your prerogative. However, as the popular proverb says, “a chain is only as strong as its weakest link”. Don’t let an inefficient end point security control compromise your organization’s security as a whole, because like it or not, ransomware is here and evolving as we speak. Who knows? You could be the next!

The original article is published here.
