RANSOMWARE: HOW TO PREDICT, PREVENT, DETECT & RESPOND
Ransomware is one of the most prominent cyber threats today. Yet just like any other threat, F-Secure advocates for a four-phase approach to cyber security – Predict, Prevent, Detect, and Respond – that can help an organisation defend against, cope with or recover from a ransomware incident.
This form of crimeware used either by an individual or by organised criminal groups, extorts money from an affected user. These malicious programs take control of a user’s device or data and then demands payment to restore normal access to the ransomed content or system.
Ransomware attacks have attracted a significant amount of coverage in the mainstream media over the last few years, as major companies and organisations announced that their operations had been affected by the threat. Examples of affected businesses include hospitals, universities and major international corporations. Despite the alarming nature of the threat, the way ransomware gains entry onto a user’s device is actually no different from the methods used by other threats.
Ransomware is most commonly spread by two methods: Email messages that trick users into opening a malicious file attachment, or Exploit kits that silently download the threat onto the user’s device while they are visiting a website. These pathways onto the user’s device are relatively predictable, and can be successfully identified and defended. This requires identifying potential weaknesses in the device and setting the appropriate safeguards in place, both to block any potential intrusion attempts and to raise the alarm if any penetration does occur.
F-secure’s four-phase approach also means that even in the event that a threat does manage to bypass protective measures, all is not lost. The affected device can still be identified and isolated, so that the damage can be contained. The findings from a forensic investigation of the device can then be used to further improve the organization’s infrastructure, hardening it against future incidents.
Would you like to know if you’re adequately protecting your business’ network? Click on this link to find out more.
