ransomware Ransomware: 3 Seconds To Encryption

[vissha]

Ransomware: 3 Seconds To Encryption

 

 

Imagine how you would feel if everything on your entire PC hard drive was encrypted, and somebody was demanding a large sum of money from you to make it accessible? This scenario is exactly what happens to thousands of people every day when they are infected with ransomware, and it is essentially a digital hold up. Though your life is not in danger, you face the imminent threat of catastrophic consequences from the loss of irreplaceable data.

 

Much of the attention in the industry is focused on the damage caused by ransomware. The common belief is that most ransomware infections are caused by human carelessness, so there is no guarantee that you will never get infected. So the focus really needs to be about how to detect and respond to a ransomware infection.

 

What is scary is that you only have three seconds from infection to encryption. In just the time it takes to read this sentence, the malware will have installed itself, downloaded an encryption key and scanned your computer to identify all the attached drives. Then the encryption begins, and it becomes a race against time

 

Believe it or not, there are ways to detect and prevent the damage caused by ransomware. Vigilant detection with automated triggers can actually identify the communication between the ransomware and the key download server and cut off that communication. With that communication blocked, the infected client can be safely remediated. This type of monitoring is something that is not easy to do and requires a 24x7 security operations center (SOC).

 

Large enterprises with big budgets can afford 24x7 SOCs with teams of security engineers and analysts. Mid-market companies on the other hand are limited in resources and often do not have dedicated security staff. By working with smaller companies, Arctic Wolf has created a set of best practices that can help companies overcome and survive a ransomware infection.

 

Best Practices for Ransomware Protection include:

• Backup your data/files
• Diligently monitor your network
• Regularly train all of your users
• Keep your perimeter defenses up to date

Source: Ransomware Infection to Encryption in Three Seconds

 

At Arctic Wolf, we have seen a 433 percent increase in ransomware infections among our customers, who are all mid-market companies. Each customer had a firewall, antivirus and sometimes content filtering, but they all were infected. In almost every instance, it was the result of human error. In one case, an employee fell for a spear phishing attack, and in another somebody opened a quarantined email that was identified as having an attachment that was malware.

 

Prevention is necessary but just not sufficient to protect yourself from ransomware, and no perfect solution exists. As a result, the best protection is really vigilant detection, and every company should evaluate their security strategy to ensure that they have this in place.

 

 

Source

[write2vivek86]

nice article. Informative