• Micro Focus
  • Products & Solutions
    Icon Application Delivery
    icon Application Modernization
    ITOM IT Operations
    logo AI Data Analytics & Governance
    Icon CyberRes

    Security

    v Vertica

    Analysis

    Industry Solutions
    Airline
    Education
    Financial
    Government
    Healthcare
    Enterprise Solutions
    Business Continuity
    Cloud
    Environment
    SAP Modernization
    Security
    Free trials View all products
  • Support & Services
    Support
    Premium Support
    Flexible Credits
    Support Portal
    Version Upgrades
    IT Professional Services
    Advisory Services
    Solution Realization Services
    Optimization Services
    Education and Training
    Certification
    Academic Programs
    Teaching Programs
    Resources
    My Micro Focus
    Community
    Blog
    Apps Marketplace
    Resources Library
    Free trials View all products
  • About
    About Micro Focus
    Careers
    Leadership
    Investor Relations
    Environment, Social, and Governance
    News and Events
    Press Room
    Events
    Partners
    Partner Locator
    Partner Portal
    Contact
    Sales
    Support
    Free trials View all products
      • My Micro Focus Support Portal Partner Portal Free trials View all products
    • Micro Focus
      • My Micro Focus Support Portal Partner Portal Free trials View all products
        My Micro Focus Support Portal Partner Portal Free trials View all products
        • Products & Solutions
            ‹Back

            Products & Solutions

            • Application Delivery
            • Application Modernization
            • IT Operations
            • AI Data Analytics & Governance
            • CyberRes

              Security

            • Vertica

              Analysis

          • Free trials View all products

          • Industry Solutions
              ‹Back

              Industry Solutions

            • Airline
            • Education
            • Financial
            • Government
            • Healthcare

          • Enterprise Solutions
              ‹Back

              Enterprise Solutions

            • Business Continuity
            • Cloud
            • Environment
            • SAP Modernization
            • Security
        • Support & Services
            ‹Back

            Support & Services

          • Support
              ‹Back

              Support

            • Premium Support
            • Flexible Credits
            • Support Portal
            • Version Upgrades
          • IT Professional Services
              ‹Back

              IT Professional Services

            • Advisory Services
            • Solution Realization Services
            • Optimization Services
          • Education and Training
              ‹Back

              Education and Training

            • Certification
          • Academic Programs
              ‹Back

              Academic Programs

            • Teaching Programs
          • Resources
              ‹Back

              Resources

            • My Micro Focus
            • Community
            • Blog
            • Apps Marketplace
            • Resources Library
          • Free trials View all products
        • About
            ‹Back

            About

          • About Micro Focus
              ‹Back

              About Micro Focus

            • Careers
            • Leadership
            • Investor Relations
            • Environment, Social, and Governance
          • News and Events
              ‹Back

              News and Events

            • Press Room
            • Events
          • Partners
              ‹Back

              Partners

            • Partner Locator
            • Partner Portal
          • Contact
              ‹Back

              Contact

            • Sales
            • Support
          • Free trials View all products

        Micro Focus Blog

        Close
        View More
        RSS Feed

        FILTERS

        • English
        View All Authors
        View all posts

        How Does Ransomware Take Down an Entire Network?

        08.03.2017

        by Zac Muir

        Views: 1629

        • 9
        • Share
          Share this...
          Share on facebook
          Facebook
          Share on pinterest
          Pinterest
          Share on twitter
          Twitter
          Share on linkedin
          Linkedin
        • 0
        Categories: Micro Focus News
        Tags: Micro Focus Privileged Account Manager, Micro Focus Secure Gateway, Ransomware
        9

        It’s actually impressive, the ingenuity that ransomware hackers are showing in their malware deployments. They’ve come up with algorithms to attack the most vulnerable departments of an organization – such as accounting or HR – with emails that appear to be from their superiors. They’ll give you a get out of jail free card, as long as you can infect two other systems. Looking to get an edge on your competitor? They’ll do ransomware as a service! (I feel legally obligated to say how terrible and extremely illegal that idea is).

        All of these tactics (and more) have made ransomware an extremely profitable, billion dollar “industry”. In 2016, Verizon’s Data Breach Investigation Report (DBIR) reported 159 incidents of ransomware. That number increased by over 43%, to 228 incidents, in 2017. In 2014, ransomware ranked 22nd on the list of most common forms of malware. It now holds the number five spot.

        Don’t give all the credit to the hackers, though. Ransomware wouldn’t have any of its publicity, awards, or accolades on its own. The majority of its success comes from leaching off of email. This parasitic relationship has allowed ransomware to spread like wildfire. This year, 66% of the malware installations studied in Verizon’s Data Breach Investigation Report came from a malicious email. A study by Malwarebytes also agrees that email is the top medium used to spread ransomware.

        “Email is the road most traveled to deliver malware to organizations” – 2017 Verizon DBIR

        The best way to defend yourself against ransomware, then, is to defend yourself against these malicious emails.

        How Does a Ransomware Disaster Happen?

        It’s pretty easy to understand how a single instance of ransomware happens – someone opens an email they shouldn’t have and then opens up a bad attachment or clicks on a sketchy link. Once the ransomware is downloaded, you’re pretty much out of luck. There are a few things that can be done, but hackers are starting to add features such as a countdown that will delete all of your files if it hits zero and you haven’t paid – good luck decrypting your system with an hour’s notice.

        Large-scale disasters are a little more complex. How does one employee get hit and subsequently bring down an entire department or organization? First of all, it has to do with patching. A lot of these ransomware incidents we hear about could have been avoided if the system’s software were up to date. The second part of the picture is privilege. If the intern down the hall gets hit, you might be able to get out of it by simply reconfiguring the laptop or paying half a bitcoin. However, If a system admin clicks on a bad email while logged onto a central machine, there are many more paths that the malware can take to infect other systems. The consequences will be much more severe.

        This is what made the Petya ransomware attacks so destructive. Once successfully phished, two malware packages were deployed – the Petya ransomware and Loki Bot information stealer, which is a trojan that looks for passwords on your system. On a privileged system or account, the trojan can steal all kinds of passwords and information, which allows Petya to infiltrate deep into the network. Ransomware is never a good thing, but ransomware hitting privileged users is a worst-case scenario that could be catastrophic for your business.

        Protect Yourself with Secure Gateway and Least Privilege

        A secure network means a low risk network. If you want to mitigate the risk of ransomware, you need to reduce and protect the entrances into your network as well as minimizing how pervasive those entrances are.

        DBIR shows that the majority of ransomware attacks start with phishing. That makes blocking malicious emails the most effective preventative measure. At Micro Focus, we offer a product – Secure Gateway – which sits on the perimeter of your email network (compatible with Exchange, Office365, GroupWise, Vibe, Lync, and Lotus Domino) to scan for malware and spam. It also scans outbound mail, which prevents the spread of malware from one inbox in your system to another.

        Secure Gateway scans links and attachments, which are the most common vectors for infection. When it finds suspicious emails, they are sent to quarantine where they can be reviewed. The Secure Gateway 7.0 Release added a redesigned web interface, single sign on, and enhanced customization features which makes monitoring attacks and customizing defense very user friendly.

        Once you’ve secured your email system, you can add an additional layer of security by ensuring that the principle of least privilege is being followed. This means using low-privileged logins for your users to perform basic functions such as checking email, and restricting privileged account usage to only when it is necessary. Our Privileged Account Manager adds features such as risk-based monitoring and policies, session recording, password check in/check out, and more, that make it difficult for ransomware to spread throughout your entire network.

        There are dozens of additional security layers that could be added, but these two will provide you with a solid defense against ransomware. Micro Focus Secure Gateway stands between the hackers and your company’s inboxes, cutting off the ransomware supply chain, while Privilege Account Manager minimizes the risk of ransomware spreading throughout your network.

        Questions? Leave a comment below or visit our website to learn more about Micro Focus solutions.

        Learn more about Micro Focus Secure Gateway

        Learn more about Privileged Account Manager

        Post Views: 1,629

        Zac Muir

        Share this post:
        Share this...
        Share on facebook
        Facebook
        Share on pinterest
        Pinterest
        Share on twitter
        Twitter
        Share on linkedin
        Linkedin

        Leave a Reply Cancel reply

        Your email address will not be published. Required fields are marked *

        FILTER

        • English
        View All Authors
        RSS Feed