Ransomware: Are You Protected From the Next Outbreak?

By Brook Chelmo

Will you be ransomware’s next victim? Can ransomware encrypt your data and hold it hostage until you pay a ransom?

Organizations large and small across industries and around the globe are at risk of a ransomware attack. The media mostly reports attacks at large institutions, such as the Hollywood Hospital that suffered over a week offline in 2016 after a ransomware attack encrypted files and demanded ransom to decrypt the data. However, small businesses are affected also. In fact, Kaspersky research reported that small and medium-size businesses were hit the hardest, 42 percent of them falling victim to a ransomware attack over a 12-month period. Of those, one in three paid the ransom, but one in five never got their files back, despite paying. Whether you are part of a large organization or a small business, you are at risk.

The recent WannaCry ransomware attack was the largest ransomware campaign ever. In the course of a weekend, WannaCry spread to over 250,000 computers in 150 countries, crippling operations at hospitals, telecom providers, utility companies, and other businesses around the globe.

Once primarily an issue for Windows desktops, ransomware attacks have now occurred across many device types and operating systems, including KeRanger, a ransomware variant that emerged in 2016 that targeted Apple OS X. This variant was hidden in a compromised version of the Transmission BitTorrent client and affected about 6,500 computers within a day and a half.

These attacks often start with an internet file download or email attachment that seems innocuous but actually is hiding malware that encrypts files. End user productivity grinds to a halt and your help desk lights up. Worse, your business can suffer both financially and also from damage to your reputation.

Can your security solutions protect from this threat? Maybe. Legacy security technologies are often signature based, great for detecting “known” malware, but ineffective against “unknown” or zero-day attacks. To better detect unknown threats, security professionals are adding an additional layer of security and deploying advanced threat detection technologies, such as network sandboxes specifically SonicWall Capture ATP, that analyze the behavior of suspicious files and uncover hidden malware. To learn more about what it takes to keep malicious code out of your network, read our whitepaper: Why Network Sandboxing is Required to Stop Ransomware.