A quick glance at the news headlines will make it very clear—cyberattacks are evolving. They’re becoming more prevalent, more impactful and harder to stop. One of the most common is a kind of malicious software called ransomware. Here’s what you need to know.
What it is: Delivery methods vary, but the end result is your business-critical data gets encrypted by folks with bad intentions, rendering it inaccessible—unless you pay their ransom. What’s unsettling is the availability of this software. Nearly anyone can go out and purchase a ransomware attack via underground markets.
For example, the Neutrino Exploit Kit—a sophisticated and popular piece of ransomware—is available as a service. Anyone with a grudge or appetite for destruction can obtain it via underground black markets, including non-technical folks.
(If you’re curious how much these things cost, recent reports indicate that the current going rate for the Neutrino Exploit Kit is about $7,000.)
If you get hit, there aren’t a lot of attractive options:
Many organizations end up paying the ransom, simply because it’s the easiest thing to do—even though it’s ethically challenging and provides no guarantee that you won’t get attacked again, either by the same party or a different one.
Others opt to recover using a full system backup. This is probably the quickest way to bring your system back online, but it doesn’t address the fact that the malware may have spread laterally, nor does it help you understand how you got infiltrated in the first place. In our experience, these organizations end up playing an unpleasant and high-stakes version of Whack-a-Mole: uncovering and rectifying infections as they continue to pop up on different systems.
Then there’s the nuclear option. Erase and start from scratch. From a technological standpoint, this is executable. But what about the business? In some scenarios it might mean bringing a business-critical system down for a considerable length of time. And that’s not saying anything about the costs of the do-over itself.
How we can help: The easiest way to deal with ransomware is to stop attempts to infiltrate your system. But more importantly, you also need processes in place to assess your risks, business benefits and costs in the event of a successful attack.
Logicalis partners with Cisco to implement malware security strategies that leverage Cisco Advanced Malware Protection (AMP), which can be deployed in both physical and virtual form factors. It excels at both preventing malware attacks and remediating them in the event of an infection.
Cisco AMP boasts an approximate malware detection time of 13 hours (Source: Cisco 2016 Midyear Cybersecurity Report). With 1.5 million malware samples analyzed by Cisco experts every day, it’s always up to date—which is critical in the chaotic and rapid-fire world of cyberattacks (Source: Cisco).
Our cybersecurity team at Logicalis understands the threats that businesses like yours are facing. We can help you select solutions, identify priorities and build your IT defenses to stop ransomware—and ensure your organization is ready to make smart decisions if you find yourself in an unfortunate position.
Get in touch today to discuss your security challenges and concerns, including how to respond to cutting-edge attacks like ransomware.