Let Sangfor Protect you Against Ransomware

15/06/2020 10:11:36
Let Sangfor Protect you Against Ransomware

Ransomware is the fastest-growing cyberthreat today. Where national governments and large enterprises were once the primary targets, now local governments and smaller organizations have become targets with the average ransom costing over US$40K.

Most of us are familiar with how insidious the Coronavirus (COVID-19) can be, having sinister traits that include infected patients who showed no signs or symptoms but continued to be extremely contagious. How do we prevent infection without the ability to see it coming?

Ransomware is very much like Coronavirus in how it infects and spreads. Do not make the mistake of thinking that you will be the lucky one who will never be crippled by ransomware! Just as with COVID-19, without proper testing you may not know you have been infected by ransomware and that it is spreading throughout your organization. Prevention will always be preferable to waiting for symptoms of infection but, unlike Coronavirus, there is a way to stop ransomware. Let us better understand how Ransomware infects and propagates.
The Kill Chain

Ransomware is malware that follows a specific sequence of events called a “Kill Chain” to infect and spread.
Generally, there are four steps of a typical Ransomware attack:

  • Infection: How malware gets into the organization, bypassing security protection and installing itself on systems within.
  • Command & Control (C&C or C2): This malware communicates with a server on the internet to download instructions on what to do next. In this case, the instructions tell the malware to install ransomware and encrypt data.
  • Exploitation: How the ransomware rapidly encrypts data on systems and on the network.
  • Propagation: How ransomware spreads throughout the network, infecting other systems in the organization.

Traditional security point products alone have not effectively stopped these steps in the Kill Chain. Organizations may be protected with next generation firewalls (NGFW), email gateways, and next generation anti-virus/malware solutions (NGAV), but WannaCry proved them ineffective by infecting 200,000 systems across 150 countries in only 4 days.
The Remedy

Sangfor’s Security Solution for Ransomware provides a holistic solution to stop ransomware attacks in real-time. The solution is robust enough to block every step in the ransomware Kill Chain, but modular enough to be tailored to any organization.
Watch a video of a simulated ransomware attack triggered by a phishing email and see how the Sangfor Cloud-Firewall-Endpoint integrated solution can protect your organization against each step of the ransomware kill chain!

Our Social Networks

Global Service Center: