Page 47 - Cyber Warnings
Ensure Your Data is Not Taken Hostage: Ransomware Remediation Strategies
Raj Samani, VP & CTO, EMEA, Intel Security
After slowing slightly in mid-2015, ransomware has overall regained its rapid growth rate.
According to the June 2016 McAfee Labs Threats Report, total ransomware grew 116%
year-over-year for the period ending March 31. Total ransomware rose 26% from Q4 2015 to Q1
2016 as lucrative returns continued to draw relatively low-skilled criminals.
An October 2015 Cyber Threat Alliance analysis of the CryptoWall V3 ransomware hinted at the
financial scale of such campaigns. The researchers linked just one campaign’s operations to
$325 million in victims’ ransom payments.
This spurt in ransomware attacks can be attributed to three key drivers. The first driver is the
syndication of the activity into ransom-as-a-service, with offers of revenue sharing to the
operatives facing the target recipients.
The second driver is the development of polymorphism in ransomware, which generates a unique
threat signature for each attack. The third driver is the increasing sophistication of the
malware, which widens the scope of damage.
With Middle East organizations becoming a target for ransomware attacks, it is incumbent on
the C-suite to take action and ensure that their data and organizations are not held to ransom.
Remediation Strategies for Each Stage
Ransomware attacks occur in five stages – distribution, infection, communication, encryption
and demand. So it is only logical that there should be prevention and remediation strategies for
each of these stages.
Distribution Stage
Build a “human firewall”: The biggest threat is users who let the ransomware onto their endpoints.
People are the weakest link. Organizations need to make sure that all employees, from the CEO
down, understand both how ransomware works and the ramifications of an attack.
Stop ransomware before the endpoint: The most proactive method of protecting a network from
a ransomware attack (other than the human firewall) is to keep ransomware from reaching the
endpoint in the first place. Consider a web-filtering technology
47 Cyber Warnings E-Magazine – August 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide