Intercepting ransomware attacks
Security provider Sophos uses artificial intelligence and machine learning to counter ransomware, writes Nur Zarina Othman
RANSOMWARE, a type of malicious software that threatens to publish the victim’s data or perpetually block access to it unless a ransom is paid, has been creating problems in many companies as well as individuals.
Last year, attacks from ransomwares such as Wannacry, Notpetya and Badrabbit took a lot of companies and individuals by surprise.
Most attacks targeted computers running the Microsoft Windows operating system by encrypting data and demanding ransom payments in Bitcoin cryptocurrency.
For instance, a malware called Notpetya because it masqueraded as the Petya ransomware attacked businesses’ corporate network with destructive program worms, trashing the infected machines’ file systems.
It demanded US$300 (RM1,165) in Bitcoin to unscramble the hostage data, the mechanisms put in place to collect this money from victims in exchange for decryption keys.
Meanwhile, Bad Rabbit ransomware infected a few Russian media outlets but only demanded 0.05 bitcoin as ransom.
Bansal says that cases or losses from ransomware attacks are hardly heard of or reported because people pay ransom. They want to get their stolen information back fast and big corporations keep the cases under the carpet because they have reputations to uphold.
For example, Uber took two years to admit that it paid ransom because it was worried about its reputation. a data award in the US for the best machine learning for security.
Deep learning is a branch of machine learning that works by mimicking the human brain. Called an artificial neuro network, and just like a human brain you can feed attributes automatically, and it will self-learn on its own.
Sophos then took the deep learning technology and incorporated it into its Intercept X product.