Story image

WatchGuard reveals why defence is never enough in the fight against ransomware

13 Mar 17

Ransomware. It is a deadly form of computer malware that can cripple your systems, drain your bank accounts and wipe all your critical business data.   

In 2015, the total amount of reported damages from ransomware attacks hit $325 million, according to Symantec. And the attacks aren’t slowing down - from Q4 2014 to Q1 2015, ransomware samples shot up 165%. 

WatchGuard says ransomware is still a huge problem, and it’s not likely to go away anytime soon. Organisations without dedicated IT teams are the most vulnerable as they may not have the manpower or resources to watch out for these nasties - and may lose critical data that could destroy the entire business.

How does it get into your computer in the first place? All it takes is a simple download from a malicious or compromised website, an unwitting click on an email attachment or even dropped by exploit kits into an IT system. From there, ransomware will execute, lock a predetermined set of files or the entire infected computer.

With no way around the blocks, the attackers then make a ransom demand, complete with payment instructions. In exchange, they will unlock your device or give you the decryption key. Or so you hope.

Security experts will tell you to keep your software updated, use data backup and educate employees. These are all effective, but you need something more.

A layered security approach is crucial to stopping ransomware attacks from getting into your system. It’s not just about defence, but about prevention too.

WatchGuard’s Total Security Suite includes controls such as APT Blocker, Host Ransomware Protection and Web Blocker, all of which work together to prevent common ransomware attack methods. 

APT Blocker:

  • The award-winning sandboxing solution seamlessly integrates with WatchGuard Dimension for complete visibility
  • Analyses a range of executables and documents, including office file types
  • It also deploys in seconds as part of an integrated security solution, delivers instant threat response with automated alerts and has an average analysis time of less than two minutes.

Host Ransomware Protection:

  • Uses a behavioural analytics engine to determine whether an action is associated with a ransomware attack
  • When used in Prevent mode, it can automatically prevent a ransomware attack before the system is encrypted 
  • ThreatSync then collects the threat data to provide a comprehensive threat score for a ransomware attack.

Web Blocker: 

  • Automatically blocks user access to known malicious sites. It enables URL filtering, which can also block inappropriate and risky sites. 

Deploying the right security solutions might just save your data from a disastrous ransomware attack. Learn how WatchGuard can help save your business.

Symantec releases neural network-integrated USB scanning station
Symantec Industrial Control System Protection Neural helps defend against USB-borne cyber attacks on operational technology.
SingleSource scores R&D grant to explore digital identity over blockchain
Callaghan Innovation has awarded a $318,000 R&D grant to Auckland-based firm SingleSource, a company that applies risk scoring to digital identity.
Ramping up security with next-gen firewalls
The classic firewall lacked the ability to distinguish between different kinds of web traffic.
Spark Lab launches free cybersecurity tool for SMBs
Spark Lab has launched a new tool that it hopes will help New Zealand’s small businesses understand their cybersecurity risks.
Gartner names LogRhythm leader in SIEM solutions
Security teams increasingly need end-to-end SIEM solutions with native options for host- and network-level monitoring.
Cylance makes APIs available in endpoint detection offering
Extensive APIs enable security teams to more efficiently view, enrich, and contextualise real-time intelligence collected at the endpoint to keep systems secure.
SolarWinds adds SDN monitoring support to network management portfolio
SolarWinds announced a broad refresh to its network management portfolio, as well as key enhancements to the Orion Platform. 
JASK prepares for global rollout of their AI-powered ASOC platform
The JASK ASOC platform automates alert investigations, supposedly freeing the SOC analyst to do what machines can’t.