Page 51 - Cyber Warnings
P. 51
stay one move ahead. Besides such traditional methods as periodic data backup, data access
authorization, regular security patch updates, high alert with email attachments, application of
specialized security solutions is essential.
Anti-virus software can partly deal with this kind of malware. However, variants of ransomware
are diverse and constantly changing, and a certain amount of time to develop an updated patch
is required.
Figure 2: Behavior vs Signature based malware analysis (Source: NPCore)
Top target of today's cybercrime is data. For government agencies and enterprises, data
protection from APT(Advanced Persistent Threat) attacks or ransomware is critical.
In this section, we will introduce a solution named ZombieZERO developed by NPCore – a
leading security solution provider in Korea.
With advantages of behavior and signature based analysis on both network and endpoint
layers, ZombieZERO helps detect and prevent quickly from malware in general and
ransomware in particular.
ZombieZERO collects files coming through various ways such as web, email to PCs. Analysis
steps are conducted on sandbox environment to proactively detect ransomware.
51 Cyber Warnings E-Magazine – April 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
