By: Andrew | May 23, 2017

Barely a week since the Wannacry outbreak, security researchers have identified a new strain of malware, that exploits flaws in Windows SMB File sharing protocol, Wannacry targeted the same protocol exploiting two flaws, the new strain targets seven.

EternalBlue and DoublePulsar exploits and other pieces of malware are using the same propagation techniques as WannaCry. EternalBlue,  tries to stay hidden unlike Wannacry, making detections harder.

UIWIX - The UIWIX ransomware was first identified this week. Unlike WannaCry, UIWIX is not currently believed to be a worm (i.e. self-propagating): while it uses the EternalBlue exploit to gain access to systems, the scanning and exploitation appears to be conducted using a more traditi...

Category: Uncategorized 

Tags: Ransomware 

By: Andrew | September 13, 2016

Cybercrime as a Service (CaaS) has been a growing trend throughout Deep Web forums for several years. Inexperienced and, quite frankly, lazy cybercriminals can purchase CaaS tools and services from more advanced operators to launch their own malware, spam, phishing and other malicious campaigns at the click of a button. These ready-made tool kits require minimal to no effort, investment or experience from these script kiddies, yet they offer high profit potential.

It doesn’t come as a surprise that Ransomware as a Service (RaaS) has joined the ranks of destructive attacks in the CaaS line-up, as well. This latest installment contributed to the growth of newly discovered ransomware families by 172 percent just in first six months of 2016. With the availability of RaaS, what was once predominantly a risk to individuals now poses a serious threat to enterprises, as well.

Now more than ever, enterprises’ information, reputation and, ultimately, bottom line are at risk as cybercriminals work to earn their stripes in the underground world by launching multiple ransomware attacks, thanks to the availability of RaaS. These intruders are after what a company deems most valuable, whether it be high profile contacts, sales information or mission-critical files, and hold them hostage. The loss of any of these digital files means serious repercussions for organizations, including loss of sales, operational disruption, legal fees and damaged reputations.

CISO’s and C-Suite executives are responsible for safeguarding valuable information, implementing security measures and adequately educating employees of this threat. Ransomware is a not a one-size-fits-all game, and neither is the security that protects your organization against it. Trend Micro’s multi-layered approach helps mitigate the risk of an attack before it ever reaches your system, no matter the point of entry. The four layers of security to minimize risk include:

  • Email and Web Gateway – Trend Micro Deep Discovery Email Inspector blocks ransomware before it ever gets to your users through email or web gateways and on Office 365
  • Endpoint – Trend Micro Smart Protection Suite uses behavior monitoring, application control and vulnerability shielding to catch ransomware at the endpoint before companies are forced – or threatened – to pay for recovered data
  • Network – Trend Micro Deep Discovery Inspector detects and blocks ransomware on your network to stop it from spreading to other endpoints and servers
  • Server – Trend Micro Deep Security protects physical, virtual and cloud servers, preventing malicious threat actors from accessing enterprises’ most valuable data

RaaS operators rely on their “customers” to gain access to enterprise systems in order to capitalize on a major profit. It is in their best interest to ensure these attacks are wide-spread and successful. This trend is not expected to disappear anytime soon, so don’t let your organization be the next victim to a cybercriminal trying to climb his way up the Deep Web ladder. Train your employees, back up your files and most importantly, deploy a multi-layered security approach to keep your data safe. The time and money spent to put these features in place is well worth the alternative.

For additional information, please visit: http://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/ransomware-as-a-service-what-this-means-for-enterprises

Category: Business, 

Tags: Ransomware, Security