Ransomware Takes Its Route in a More Dangerous and Harmful Direction. What Do You Need to Know?

  • 51% of businesses have been impacted by ransomware in the last year.
  • 90% of IT pros had clients that suffered ransomware attacks in the past year.
  • 50% of IT professionals don’t believe that their organization is ready to defend against a ransomware attack.
  • 85% of ransomware attacks target Windows systems.

What is ransomware?

How did ransomware evolve?

Why is ransomware so successful?

  • Escalating privileges by exploiting the CVE-2018-8453 vulnerability.
  • Preventing resource conflicts by terminating blacklisted processes.
  • Deleting files that are on the blacklist.
  • Encrypting mobile or web drives that are not on the whitelist.
  • Transferring the target's system data to the attacker.

Why should businesses worry about ransomware?

How do you prevent a ransomware attack?

  • Implement an awareness and training program. Because end users are targets, employees and individuals should be aware of the threat of ransomware and how it is delivered.
  • Enable strong spam filters to prevent phishing emails from reaching end users, and authenticate inbound email using technologies like Sender Policy Framework (SPF), Domain-based Message Authentication, Reporting and Conformance (DMARC), and DomainKeys Identified Mail (DKIM) to prevent email spoofing.
  • Scan all incoming and outgoing emails to detect threats and filter executable files from reaching end users.
  • Configure firewalls to block access to known malicious IP addresses.
  • Patch operating systems, software, and firmware on devices. Consider using a centralized patch management system.
  • Set anti-virus and anti-malware programs to conduct regular scans automatically.
  • Manage the use of privileged accounts based on the principle of least privilege: no users should be assigned administrative access unless absolutely needed, and those with a need for administrator accounts should only use them when necessary.
  • Configure access controls, including file, directory, and network share permissions, with least privilege in mind. If a user only needs to read specific files, the user should not have write access to those files, directories, or shares.
  • Disable macro scripts in Office files transmitted via email. Consider using Office Viewer software to open Microsoft Office files transmitted via email instead of full Office suite applications.
  • Implement Software Restriction Policies (SRP) or other controls to prevent programs from executing from common ransomware locations, such as temporary folders supporting popular Internet browsers or compression/decompression programs, including the AppData/LocalAppData folder.
  • Consider disabling Remote Desktop Protocol (RDP) if it is not being used.
  • Use application whitelisting, which only allows systems to execute programs known and permitted by a security policy.
  • Execute operating system environments or specific programs in a virtualized environment.
  • Categorize data based on organizational value and implement physical and logical separation of networks and data for different organizational units.
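
To make the email-authentication item above concrete, here is an added example (not part of the original article) that audits SPF and DMARC TXT records for policies that leave a domain open to spoofing. The domains and records are constructed placeholders and no DNS lookups are made; the function names are this example's own.

```python
import re

# Constructed sample TXT records for placeholder domains (no DNS lookups are made).
SAMPLE_RECORDS = {
    "strict.example": ("v=spf1 ip4:192.0.2.0/24 -all",
                       "v=DMARC1; p=reject; rua=mailto:dmarc@strict.example"),
    "monitor.example": ("v=spf1 include:_spf.mail.example ~all", "v=DMARC1; p=none; pct=50"),
    "open.example": ("v=spf1 +all", None),
}

SPF_ALL_FINDINGS = {
    "+": "SPF '+all' authorizes every host to send as this domain",
    "?": "SPF '?all' is neutral: unlisted senders are not penalized",
    "~": "SPF '~all' is softfail: unlisted senders are not rejected on SPF alone",
}

def audit_spf(record):
    """Return findings for one SPF record, based on its terminal 'all' mechanism."""
    if not record or not record.lower().startswith("v=spf1"):
        return ["no SPF record published"]
    terms = record.lower().split()[1:]
    all_terms = [t for t in terms if re.fullmatch(r"[+?~-]?all", t)]
    if not all_terms:
        if any(t.startswith("redirect=") for t in terms):
            return []  # policy is delegated to another record; not followed offline
        return ["SPF has no 'all' mechanism: unlisted senders get a neutral result"]
    first = all_terms[0]  # mechanisms are evaluated left to right; 'all' always matches
    qualifier = first[0] if first[0] in "+?~-" else "+"  # bare 'all' means '+all'
    return [SPF_ALL_FINDINGS[qualifier]] if qualifier in SPF_ALL_FINDINGS else []

def audit_dmarc(record):
    """Return findings for one DMARC record, based on its p= and pct= tags."""
    if not record or not record.strip().lower().startswith("v=dmarc1"):
        return ["no DMARC record published: receivers have no policy for failing mail"]
    tags = dict((k.strip().lower(), v.strip()) for k, v in
                (part.split("=", 1) for part in record.split(";") if "=" in part))
    policy = tags.get("p", "").lower()
    if policy not in ("quarantine", "reject"):
        return ["DMARC p=%s is not enforcing: receivers are not asked to quarantine "
                "or reject failing mail" % (policy or "<missing>")]
    pct = tags.get("pct", "100")
    if pct.isdigit() and int(pct) < 100:
        return ["DMARC pct=%s applies the policy to only part of failing mail" % pct]
    return []

def audit_domain(domain, records=SAMPLE_RECORDS):
    spf, dmarc = records[domain]
    return audit_spf(spf) + audit_dmarc(dmarc)

if __name__ == "__main__":
    for name in SAMPLE_RECORDS:
        print(name, audit_domain(name) or "ok")
```

To audit real domains, replace the sample dictionary with TXT records fetched for the domain and for its `_dmarc` subdomain.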

Is there any useful tool to prevent ransomware attacks?

  • Critical ports, such as the RDP port, are open.
  • There is a critical vulnerability in your attack surface.
  • Any sensitive information or data about your organization is available on the dark web.
  • Tailored for you: Select products and technologies you’d like to monitor.
  • Twitter CVE trends: See the worldwide vulnerability trends by monitoring millions of tweets.
  • Instant alerting: Rapid data collection, structuring, and analysis to notify on-time.
  • Filter and search: Find vulnerability information by filtering based on keyword, CVSS score, or report time.
  • Discover your unknown hacker-exposed assets
  • Check if your IP addresses are tagged as malicious
  • Monitor your domain name on hacked websites and phishing databases
  • Get notified when a critical zero-day vulnerability is disclosed
