Prevention better than cure for ransomware
IF there’s one common enemy that companies must face, it is ransomware that targets their most critical data on servers, resulting in serious damages including exfiltrate data and stolen information use for spear-phishing campaigns and stealing company resources.
Based on data collected from Sophos customer computers worldwide from April 1 to Oct. 3, 2017, ransomware has become platform-agnostic. They mostly target Windows computers, but this year, there is an increased amount of crypto-attacks on different devices and operating systems.
Android, Linux and MacOS platforms are no longer immune to these attacks and will be continuously targeted given the success attackers have had thus far. Email will remain the primary attack vector threatening corporate cyber security, especially in the case of targeted attacks.
The SophosLabs 2018 Malware
- ware growth patterns, indicating that WannaCry, which has been unleashed in May 2017, became the number one ransomware intercepted from customer computers, dethroning longtime ransomware leader Cerber, by ransomware were attacked while running up-to-date endpoint security.
Based on Sophos’ Dirty Secrets of Network Firewalls Study, Asean businesses are particularly at risk due to
managers unable to identify 45 percent of their organization’s network traffic. In fact, nearly one- in- four cannot identify 70 percent of their
based detection are also unable to provide adequate visibility into ap-
factors such as the increasing use of encryption, browser emulation, and Android malware processed by SophosLabs in September alone was ransomware; the report predicted it would jump to approximately 45 percent in October.
The SophosLabs report noticed two emerging Android attack methods while locking the phone without encrypting data and locking the phone while encrypting the data. Most ransomware on Android doesn’t encrypt user data, but the sheer act of locking a screen in exchange for money is enough to cause people grief, especially considering how many times in a single day information is accessed on a personal device.
Sophos Asean manager for engineering Julius Suarez advises against paying for ransomware and recommends best practices instead, including backing up data and keeping patches up to date.
“Cybercriminals are after our data because they can sell it in the dark web, Criminals are more likely to engage with cryptocurrency because as early as possible. Make sure that you are protected through the basics of protecting your work stations from cyber criminals,” enthused Suarez, who recommended backing up phones on a regular schedule, similar to a computer, to preserve data and avoid paying ransom just to regain access, as well as being cautious about where and what kinds of apps they download.
Sophos has been helping small and medium enterprises and organizations in the Philippines cope with these challenge through its various products such as Intercept X, a next-generation endpoint security product that stops zero-day malware, blocks all exploit techniques known today and includes an advanced anti-ransomware feature that can stop both known and unknown ransomware variants within seconds.
Intercept X for servers leverages cutting- edge protection, including deep learning malware detection, exploit prevention, and technologies designed to stop ransomware