Threat: Let’s begin with some good news: After years of sometimes dizzying year-over-year increases, ransomware attacks seem to have plateaued.
“The security industry has gotten a lot better at stopping ransomware,” says Webroot CTO Hal Lonas. “Maybe it’s too soon to declare victory, but it seems to be under control, and maybe even declining a little bit.”
And now, alas, here comes the inevitable bad news: Though ransomware strikes are becoming less numerous, Lonas and others say they’re also becoming more targeted, more effective, and more dangerous.
“They’re getting very, very good at the socially engineered aspect of the attack,” says Jon Clay, a cybersecurity expert at Trend Micro, of ransomware perpetrators. “They’re doing their due diligence on understanding the victim upfront.”
They’re also squeezing victims for more money. The criminals responsible for last year’s SamSam attack, for example, collected over $6 million before being indicted.
Numbers like that are too tempting for hackers to resist, warns Tim Brown, vice president of security at SolarWinds MSP. Besides, he continues, ransomware is an easier way for attackers to make money. People looking to steal data must get past a victim’s defenses, locate something valuable, exfiltrate it, find a buyer, and then launder their earnings. Ransomware is a comparatively low-effort crime.
“The ransomware model from a business perspective will continue simply because it’s clean, simple, and there’s more revenue to the bad guy,” Brown says.
Countermeasure: End user awareness education is a critical weapon in the fight against ransomware. So too, though, is artificial intelligence, which WatchGuard CTO Corey Nachreiner considers an increasingly important—and speedier—supplement to behavior-based antimalware solutions.
“It’s immediate,” he says. “With all the behavioral sandbox stuff, sometimes it’s immediate if we’ve seen it before, but if it literally is a brand-new thing, which is quite common frankly, we have to wait for a little bit of an analysis.”
That said, Nachreiner continues, behavior-based tools remain the most effective. According to recent data from WatchGuard, traditional, signature-based solutions block about 63 percent of malware, and artificial intelligence-based technologies block about 80 percent of the rest. It takes behavior-based software to block the remaining 20 percent, though, indicating that while behavior-based systems may be slower than AI they’re also more thorough.
More Galleries like This
In early announcements made at the start of this year’s Black Hat USA security conference, Webroot has launched a new certification program, Fortinet has unveiled a threat intelligence service, and NETSCOUT has integrated two advanced threat products.
Vendors are rolling out new solutions left and right this week at the U.S. edition of RSA’s annual security show. Here are 6 that caught ChannelPro’s eye.
Held last week in Los Angeles, the first of the distributor’s live events for 2018 showcased mobility, security, IoT, and vertical industry solutions, among other opportunities, as hot markets for SMB resellers in 2018
An updated security awareness training solution from Webroot, an enhanced SD-WAN solution from Citrix, and a forthcoming mobile DNS filtering product from WatchGuard are our final trio of product-related stories from last week’s giant security confab.
At the managed services vendor’s Navigate conference this week, CEO Michael George (pictured) walked attendees through what he contends is an inescapable set of both existential threats and massive opportunities for managed service providers