Following Ransomware’s Path to Extortion

Home / Enterprise / Endpoint Security / Following Ransomware’s Path to Extortion

By on Feb 03, 2017

 

It comes as no surprise that ransomware is the fastest growing form of criminal malware, accelerating in quantity 128% year over year.

This plethora of ransomware is, however, primarily acting across one type of playing field- the web. In fact, 80% of the methods used to deliver criminal malware are web-based, such as a drive-by download, email link, or download by malware itself. Ransomware is no exception.

In an effort to fight web-based ransomware attacks, most security teams run web-filtering technology in either a secure web gateway or firewall. This typically involves utilizing signatures that security vendors issue after seeing the malware for the first time, or technologies like network sandboxing and next-generation endpoint security, both of which identify threats without the use of signatures.

But network sandboxing is rarely implemented in a “blocking” mode, since ineffective pre-filtering allows a large volume of files to queue up at the sandbox, which takes time to process and ends up disrupting productivity for the user. Adding new endpoint technologies in isolation can further fragment security operations, resulting in additional time spent on integration, training, and management instead of improving security posture. In fact, 62% of security professionals admit that this “technology sprawl” actually reduces their security efficacy.

Clearly, this doesn’t get the job done, especially as code-changing, zero-day attacks render many web-filtering technologies ineffective.

So, what now? How do you defeat polymorphic attacks, or, essentially, defeat the unknown? How can businesses keep up with an ever-evolving, dangerous threat like ransomware? First and foremost, it’s time to get a better understanding of how this threat actually works so you can improve your ability to stop it.

To do just that, follow along ransomware’s path to extortion to dive deep into this threat and learn how to adapt your protection. 

 

 

About the Author

Daniel Flaherty

Daniel Flaherty is a member of the product team for McAfee MVISION Cloud, our Cloud Access Security Broker (CASB) solution, focused on developing educational and product-related content. He has been with McAfee since 2010.

Read more posts from Daniel Flaherty

Categories: Endpoint Security
Tags:

Leave a Reply

Your email address will not be published. Required fields are marked *

Subscribe to McAfee Securing Tomorrow Blogs