Over the last four years, ransomware has evolved into one of the biggest threats to cybersecurity that we have seen in a long time. Names like CryptoLocker, CryptoWall and CTBLocker keep both average computer users and IT security administrators up at night. And for good reason – ransomware is cunning, effective and proliferating. Unfortunately, the cybersecurity industry hasn’t really found an answer to stop it.
Ransomware leaves your end users feeling powerless. Once their files are encrypted, they often feel pressured into cutting their losses and giving in to an attacker's demands. Whether it’s scareware, a screen locker, or malicious encrypting ransomware, the issue is that even if these users do pay up, there’s a chance the ransom will increase or they won’t ever get their files back. Obviously, losing critical files and data is not an option for clients. Consider the resulting downtime and wasted productivity they'd have to account for. Instead, in addition to offering a backup and disaster recovery (BDR) solution that can restore their information back to its last known good, MSPs must teach end users to be more mindful of the ransomware security threat.
Ransomware – Easy to Understand, Hard to Beat
Ransomware works by infecting the machine, encrypting all files and then demanding payment to get the files back. It works so well that most variants will even remove themselves when the damage is done, leaving users with an ultimatum. They can either pay the ransomware author to decrypt the files or risk losing them forever.
The ransomware we see today is so sophisticated that the advanced encryption it uses makes it impossible to get files back without paying the ransom. Unfortunately, even online and locally-connected backup systems can fail to counteract these attacks if the ransomware is capable of actively seeking out and corrupting these systems. In the case of online backups, automatic file uploads may encrypt files thought to be secure.
How Can I Stay Protected?
Most of today’s security software simply cannot protect you from ransomware. Ransomware does not act like traditional malware – some strains are automatically updated every day, and even use polymorphic (shape-shifting) code to evade detection! This makes it exceedingly hard to unearth, which is why you must constantly inform end users of new threats and exploits. One of the most common ways that computers are infected with ransomware is through social engineering. Teach clients about this practice and how to detect phishing campaigns, suspicious websites and other malicious scams. Stress that end users exercise common sense, but don't assume they can get there on their own. Send them warning signs to look for or examples of social engineering tactics to flag.
How Can Malwarebytes Help?
Malwarebytes’ unique endpoint security capabilities integrates all of the industry-leading anti-malware and anti-exploit protections and remediation technology into one powerful solution. Malwarebytes Endpoint Security combines advanced malware detection and remediation, malicious website blocking and exploit protection in a centrally-managed platform scalable up to thousands of endpoints to help stop and remove today’s most dangerous threats including ransomware. In summary, Malwarebytes is a completely proactive and signature-less technology that is able to detect and block even the most dangerous of ransomware variants, keeping you, your company and your clients protected.
Malwarebytes is sponsoring the upcoming Navigate 2016 Continuum User Conference and will also be presenting, The Hidden Enemy: Malvertising and Ransomware, one of the event's more than 30 breakout sessions.
Don't let ransomware to be an issue learn how to stay secure online and in the office!
By Lily Teplow
By Brian Downey
By Dave LeClair