How to deal with the rising threat of ransomware
In the history of hacking, there has never been a better money-making scheme than ransomware. Ransomware is malware that reaches your computer via email or the Internet, encrypts important data, and then demands money from the victim in exchange for giving the data back. More worrying is the fact that it has the ability to destroy your data once you involve the authorities. Thus, by pinning the victim's back against the wall, ransomware has minted millions of dollars in the past few years.
To get a sense of the scale of these attacks, this report shows that the FBI alone received more than 2500 complaints over the whole of last year. This statistic fails to paint the whole picture, as the majority of victims, driven by the fear of losing their data, seldom report to the authorities.
In the paragraphs below, we take a detailed look at why traditional security solutions haven't saved you from this malaise, and at how you can protect yourself.
Traditional Security Solutions aren’t enough!
While they update regularly, these updates only shield your system from viruses that are already known. That is not the case with ransomware, where unknown variants make headlines every day. Thus, taking advantage of this limitation of traditional security solutions, ransomware compromises the data on the system.
Following are some of the techniques you could employ on your own system to shield it from ransomware attacks.
Usage of behavior analysis for prevention
Nobody denies that new ransomware is developed on a daily basis, which makes stopping it all the more difficult. Yet nearly all variants share the same attributes, which can be observed during their execution. Thus, while traditional antiviruses rely on signature-based methods to detect their presence, ransomware could be stopped more efficiently with behavioral analysis.
Look at the behaviors that most ransomware has in common and three functions come to the fore: attempts to disable Windows startup repair, removal of Windows Shadow Copies, and attempts to stop BITS (the Background Intelligent Transfer Service).
Thus, if our antivirus were based on behavioral analysis, it would do a much better job of stopping ransomware than it is doing now. Thankfully for computer users, companies like Cisco, Kaspersky and Trend Micro have accepted the importance of behavior analysis and already offer security tools based on it.
Astonishingly, SentinelOne is the market leader in the development of antiviruses based on behavioral analysis. Here is what the CEO of SentinelOne had to say on this matter:
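The three behaviors listed above can be checked against process-creation logs. The following Python is an added example, not code from the original article or from any vendor named here; the command-line patterns, event field names and sample events are assumptions constructed for illustration. It alerts only when one parent process shows several of the behaviors close together, since a single one can be a routine admin action.

```python
import re
from collections import defaultdict

# Command-line patterns for the three behaviors named in the text.
# The patterns are assumptions chosen for this example; tune them per environment.
RULES = {
    "shadow_copy_delete": re.compile(
        r"\bvssadmin(\.exe)?\s+delete\s+shadows\b|\bwmic(\.exe)?\s+shadowcopy\s+delete\b", re.I),
    "startup_repair_off": re.compile(
        r"\bbcdedit(\.exe)?\b.*\brecoveryenabled\s+no\b", re.I),
    "bits_stop": re.compile(
        r"\b(net1?|sc)(\.exe)?\s+stop\s+bits\b|\bsc(\.exe)?\s+config\s+bits\s+start=\s*disabled\b", re.I),
}

def classify(cmdline):
    """Return the set of behavior names that one command line matches."""
    return {name for name, rx in RULES.items() if rx.search(cmdline)}

def correlate(events, window=60, threshold=2):
    """Alert when one parent process shows >= threshold distinct behaviors within window seconds."""
    hits = defaultdict(list)  # (host, parent_pid) -> [(ts, behavior)]
    for ev in events:
        for b in classify(ev["cmd"]):
            hits[(ev["host"], ev["ppid"])].append((ev["ts"], b))
    alerts = []
    for key, seen in hits.items():
        seen.sort()
        for i, (start, _) in enumerate(seen):
            behaviors = {b for ts, b in seen[i:] if ts - start <= window}
            if len(behaviors) >= threshold:
                alerts.append({"host": key[0], "ppid": key[1], "behaviors": sorted(behaviors)})
                break
    return alerts

# Constructed process-creation events (not taken from a real incident).
SAMPLE = [
    {"ts": 100, "host": "ws-01", "ppid": 4120, "cmd": "vssadmin.exe Delete Shadows /All /Quiet"},
    {"ts": 103, "host": "ws-01", "ppid": 4120, "cmd": "bcdedit /set {default} recoveryenabled No"},
    {"ts": 105, "host": "ws-01", "ppid": 4120, "cmd": "net stop BITS /y"},
    {"ts": 200, "host": "ws-02", "ppid": 880, "cmd": "vssadmin list shadows"},
    {"ts": 900, "host": "ws-03", "ppid": 612, "cmd": "sc stop bits"},  # lone admin action
]

if __name__ == "__main__":
    for alert in correlate(SAMPLE):
        print(alert)
```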
“With minor modifications, a cyber-criminal can take a well-known form of Ransomware like Cryptolocker, and make it completely unknown and undetectable to antivirus software”
Giving the Ransomware the taste of its own medicine
It might sound a bit Hollywood-centric; however, thanks to the efforts of an Israeli cyber-security startup, we now have tools to transform the biggest strength of ransomware into its biggest weakness. Before unveiling what that is, let me walk you through how ransomware works.
After ransomware has entered a system, one of the most critical phases of its lifecycle is evading your antivirus. No matter whether your antivirus is traditional or contemporary, it has the ability to detect ransomware when it is in an active mode. Thus, as you might guess, the makers of ransomware introduced a ploy to circumvent this security check.
When under surveillance, ransomware normally goes into a sleep mode, so your antivirus will NOT detect it. However, thanks to recent studies, we now have tools from Minerva Labs, who have transformed this strength of ransomware into its weakness.
By tricking the ransomware into believing that it is always under surveillance, this tool doesn't allow it to reach an active state. As a result, the ransomware gets trapped in a cyber-security loop and becomes unaware of its surroundings.
Multi-pointed approach for Prevention
Instead of using the same old technique of sandboxing to detect the presence of ransomware, Jens Monrad, a security engineer at FireEye, concludes that we need “a fundamentally new way of thinking about cyber-attacks”.
He further states that we should employ an adaptive defense technology. This technology not only accounts for ransomware that signatures can catch, but also detects the cyber-attacks that would otherwise circumvent your computer's security system.
In addition, adaptive defense technology collects data from networks around the globe. As a result, it knows what is actually happening in the field and what sort of methods new ransomware uses to make its way onto your computer. Then, by filling the gaps in its own protection, it reduces the chances of ransomware reaching your computer.