The Proliferation of Ransomware
Why they're attacking and how you can prepare.
We Don't Negotiate with Terrorists
What is Ransomware?
Ransomware is a nasty type of malware that encrypts, or locks, valuable digital files and demands a ransom to release them. Once an infection is present, the malware begins encrypting files and folders on local drives, any attached drives, backup drives, and potentially other computers on the same network that the victim computer is attached to.
Data breaching techniques and processes are built quickly. Often times in only minutes. With open source hacking tools readily available to just about anyone, creating a new piece of Malware or Ransomware can take as little as 10 minutes. This may explain why there are currently at least 500,000 different known variations of CryptoLocker Ransomware. Even if an antivirus or anti-malware product had all of these variations in their blacklist, (which they DO NOT) imagine how long it would take to try and compare everything on your computer to that list all the time. Talk about slowing down your computer’s processing power!
SE-OPS Unique RansomwarE Detection & blocking
The constant morphing of Ransomware open-source programs is infinite, so trying to stop it with a Blacklist, Whitelist, and/or Signatures is relatively ineffective. With millions of hackers in the world, each possessing the ability to create a new Ransomware variant in a few minutes, there is virtually no limit to the number of Ransomware threats that can exist at any time. It is impossible for Signature bases, or Blacklists to keep up with this pace. And, hackers are imbedding Ransomware in commonly used software that is regularly found on Whitelists, so Whitelists are also far from foolproof.
The only way to effectively detect, block, and remove Ransomware is through the use of detecting unusual behavior in a computer. Every variant of Ransomware must perform certain functions or behaviors within a computer system to begin the process of encrypting files and information. As encryption experts, Securencrypt understands the encryption process better than any antivirus company. And, because of that understanding, can predict the threatening behaviors and detect, block and remove them before they can infect the system.
SE-OPS currently has over 600 unique behavioral identifiers, based in Common Sense Actions, each capable of detecting and blocking tens of thousands of different variations of Ransomware. And, more unique identifiers are being added every day.