For Ayrapetov, the shift in tactics and techniques means ransomware isn’t going anywhere. “Today’s cybercriminals demonstrate deliberate reconnaissance, planning and execution to surgically deploy tool chains targeting enterprise and government infrastructure,” he says. “This results in larger victims and leads to higher ransoms.”
How Businesses Can Protect Themselves from Ransomware
Ayrapetov suggests a multipronged approach to reducing ransomware risk that focuses on both detecting attacks before they reach business networks and defending against intrusion when — not if — attacks occur.
Solutions such as SonicWall’s patented Real-Time Deep Memory Inspection (RTDMI) can help detect evasive malware payloads that attempt to hide in plain sight and fool traditional security countermeasures. Ayrapetov points to the rise in weaponized documents — everything from PDFs to Excel and Word documents designed to appear legitimate and wreak havoc once they’re past the perimeter. By looking past the obvious to what’s underneath the data surface, RTDMI can spot threats before they gain a foothold.
“On the network side,” says Ayrapetov, “businesses need intrusion prevention. It’s such an unsexy topic — it’s two decades old, its death has been predicted for years, but now it’s having its moment.” SonicWall’s Capture Advanced Threat Protection (ATP) solution leverages machine learning across network endpoints to analyze file behavior using a multiengine sandbox platform that includes full system emulation, virtualized sandboxing and hypervisor-level analysis along with RTDMI.
Put simply? With ransomware on the rise and showing no signs of slowing, the sooner businesses identify what’s happening and where it’s coming from, the better. And while there’s no foolproof way to foil attackers’ efforts, a multipronged approach to protection can significantly reduce ransomware risk.
Brought to you by: