The Proliferation of Ransomware

Why they're attacking and how you can prepare.

 

Ransomware is no joke, and we're not the only ones who know its becoming more common by hour.

The FBI's Official Warning HERE

CNN Evaluates: Why is Ransomware on the Rise? HERE

'Almost 40% of Businesses Hacked' The Guardian HERE

'How To Protect Yourself' The FBI HERE

 
 

We Don't Negotiate with Terrorists


What is Ransomware?

Ransomware is a nasty type of malware that encrypts, or locks, valuable digital files and demands a ransom to release them. Once an infection is present, the malware begins encrypting files and folders on local drives, any attached drives, backup drives, and potentially other computers on the same network that the victim computer is attached to.

Data breaching techniques and processes are built quickly.  Often times in only minutes. With open source hacking tools readily available to just about anyone, creating a new piece of Malware or Ransomware can take as little as 10 minutes. This may explain why there are currently at least 500,000 different known variations of CryptoLocker Ransomware. Even if an antivirus or anti-malware product had all of these variations in their blacklist, (which they DO NOT) imagine how long it would take to try and compare everything on your computer to that list all the time. Talk about slowing down your computer’s processing power!  


SE-OPS Unique RansomwarE Detection & blocking

The constant morphing of Ransomware open-source programs is infinite, so trying to stop it with a Blacklist, Whitelist, and/or Signatures is relatively ineffective.  With millions of hackers in the world, each possessing the ability to create a new Ransomware variant in a few minutes, there is virtually no limit to the number of Ransomware threats that can exist at any time.  It is impossible for Signature bases, or Blacklists to keep up with this pace.  And, hackers are imbedding Ransomware in commonly used software that is regularly found on Whitelists, so Whitelists are also far from foolproof.  

The only way to effectively detect, block, and remove Ransomware is through the use of detecting unusual behavior in a computer.  Every variant of Ransomware must perform certain functions or behaviors within a computer system to begin the process of encrypting files and information.  As encryption experts, Securencrypt understands the encryption process better than any antivirus company.  And, because of that understanding, can predict the threatening behaviors and detect, block and remove them before they can infect the system.  

SE-OPS currently has over 600 unique behavioral identifiers, based in Common Sense Actions, each capable of detecting and blocking tens of thousands of different variations of Ransomware.  And, more unique identifiers are being added every day.    

Courtney • 14 mins