We know ransomware has become an increasing threat to our cyber security. But how can we stop it?
It has been reported by Infoblox, ransomware increased more than 3000% from the fourth quarter of 2015 to the first quarter of 2016. Ransomware developers know victims will likely pay, so this epidemic won’t be slowing down anytime soon. If we look at the plethora of attacks that have hit hospitals, schools, police departments and other forms of public municipalities we will see that more times than not, they pay. So why would the hackers stop? Paying the ransom only fuels the fire.
Unfortunately, many of the methods advised to help prevent ransomware attacks are geared towards a more reactive approach. Meaning, if you are struck with this malicious software, here’s what you can do to restore your systems.
I don’t believe in that. Why not avoid the issue entirely and we wouldn’t need to worry about the headaches of trying to get our systems back on track. Info Security Magazine agrees that a proactive approach can be done which will protect your computer and all of the files on it from these attacks. The first piece of advice, stop relying on traditional anti-virus protection. Second, whitelisting. With the use of whitelisting technology, you are able to efficiently protect your PCs from the growing ransomware threat.
Whitelisting, whereby a threat is assessed against a set of policies and common characteristics to see if there is a likely issue, can help to spot this type of malware even if it has never appeared before.
Whitelisting technology does this by using a list of all of the known good programs and files and only allows them to execute. No matter what the ransomware hacker does, they will not be able to get onto the whitelist. This is different from traditional anti-virus methodologies because they use a blacklist approach. Meaning they try to keep a list of all of the known bad programs and files. There is a problem with this control, as malware is changing daily. How could any list possibly stay updated?