What is ransomware?
With this type of cyber attack, local files are encrypted so that the user no longer has access to important data or documents. Only after the payment of an individually fixed ransom amount, the affected persons have the possibility to get back their unencrypted data. Most of these payments are processed in the online currency Bitcoin. These persons and the perpetrators are very hard to trace through this method.
The advantage of ransomware is that entire enterprise networks can be torpedoed and paralyzed. Therefore attacks with polymorphic viruses pose a not to be underestimated threat. This applies in particular to the rapid spread of ransomware. In the following you will learn how to protect against ransomware.
How does ransomware work in practice?
Depending on the nature of the ransomware, the polymorphic viruses arrive at the target system via email. The email attachments can be camouflaged in various ways. In the case of Jaff, for example, the malware came as a supposed PDF invoice to the computers of the affected parties. Using the Java Script function, a DOC file was unpacked locally in a temporary folder. This Word file contained damaged macroviruses, through which the ransomware was downloaded to the respective systems and activated after the installation.
Why is the protection against ransomware problematic?
The challenge with polymorphic viruses goes hand in hand with the protection against ransomware. It can hit everyone – both private users, institutions and companies. The perception that mainly private users lack an adequate protection against ransomware, or the know how to protect against ransomware, is wrong. Companies are threatened by ransomware attacks, too . Even bankruptcy caused by ransomware have been seen.
Companies often lack an effective IT security concept that provides sufficient protection against ransomware. For a long time, the responsible persons simply underestimated the threat situation caused by ransomware, . Every second company in Germany has already been hit by a cyber attack such as espionage, data skimming or sabotage. A mature protection against ransomware is therefore reasonable, expecially to avoid extensive damage tot he company.
Ransomware Attacks – a worthwhile business model for cybercriminals
Easy to handle polymorphic viruses offer cyber criminals the possibility of automated generation of sales. Therefore some types of ransomware have been added in recent years. It is Jaff, Petya, WannaCry, Locky and Co. A business that has proved absolutely worthwhile for cybercriminals. This is due to the fact that the processing of the blackmail process can be arranged fairly simply via Bitcoin. This form of anonymous payment is very popular among cybercriminals.
The interaction between optimal monetization measures and the technically relatively simple implementation makes this scheme of the cyber gangsters so successful, so that they are enjoying increasing popularity. This is due not least to the lack of protection against ransomware. Because of this there still are companies that don’t have a suitable strategy for backing up their data. And even the updating of systems is not a regular task for a large number of companies. The resulting vulnerabilities ultimately lead to the tense threat situation in some companies, that are uncertain how they can protect themselves against ransomware.
Hornetsecurity Advanced Threat Protection (ATP) provides effective protection against ransomware
Thanks to the analysis engines optimized for the different attacks, companies have the possibility to protect themselves against ransomware. With Hornetsecurity Advanced Threat Protection, the sandbox engine immediately checks incoming email attachments before delivering them to the recipient. . The sandbox opens the attachment in a secured, virtual environment and observes ist behaviour. If the file confirms that it is actually a malware, the user receives a corresponding information along with details.
The same applies to the freezing engine from Hornetsecurity ATP. It withholds emails with suspicious and not immediately classifiable attachments. After some time, the emails are subjected to a further analysis with updated signatures and classified accordingly. This approach, along with several other security engines, is the answer to how to protect against ransomware. For more information on Hornetsecurity Advanced Threat Protection (ATP) please see the detailed information about how to protect against ransomware.
Protect your company with Hornetsecurity Advanced Threat Protection against ransomware:
Request a quote!
Would you like to find out how much Hornetsecurity Advanced Threat Protection costs? Then ask us for a no-obligation quote now. You can also try out our service for 30 days free of charge. Simply make use of our fully automated onboarding option.
Try out our product now!
By providing just a few details, you can also try out Advanced Threat Protection right now for 30 days with no obligation. Simply create an account and in just a few minutes your employees and IT systems will enjoy additional protection.