Why Are Ransomware Attacks Occurring with Increasing Frequency?

April 5, 2016 | By Comodo

We are starting to see it more and more: ransomware attacks are on the rise – and we’ve been seeing it especially (and unfortunately) in the medical profession lately, where patient records, medical data and key healthcare information are all being locked and held for ransom by cybercriminals.

So why is this happening? And why now?  

One of the main reasons is that the security technology that many hospitals, as well as banks and government agencies use, is becoming increasingly antiquated and is based on a model that hasn’t kept up with the aggressive technology innovation that cybercriminals are creating every day.

The traditional signature-based detection and default-allow architecture which many IT departments employ are totally ineffective against these emerging ransomware attacks.
The technology most organizations are still using is basically comparable to installing a home security system that alerts you to an invasion weeks after the criminals have already stolen everything and vandalized the house. By then, it’s simply too late.

We spoke with Zach Forsyth, Director of Product Strategy at Comodo, who said IT departments need to take some decisive steps before they too are victimized. The first step is to replace their aging security solutions with a more modern secure web gateway that will effectively block malware and contain all untrusted files in-flight. They also need to ensure that endpoint protection solutions go beyond just simple signature-based detection to actually provide true next generation malware containment and prevention. Instead of relying on a simplistic and flawed strategy that identifies known good and bad files, and provides virtually no protection against previously unseen files, organizations need to embrace an approach that identifies and prevents risk from all unknown files. If your anti-malware solution doesn’t recognize a file, then it should be classed as untrusted and totally contained until it is deemed to be safe.

With so many new malware strains and variants being introduced every day, “signature based detection and default-allow is a dead end and also a giant waste of money,” Forsyth said. “Buying into that architecture is futile against modern malware, and not only are you paying for the product up front, but then you have the ongoing IT operating costs of maintaining a system that can’t actually protect you against emerging threats. It’s costing business owners money and becoming less and less effective over time. That is clearly a bad investment.”

Forsyth went on to say, “the primary purpose of advanced solutions such as secure web gateways and endpoint protection is to stop malware infecting the endpoint. Simple as that. So, why are companies still deploying expensive and complex solutions that can’t actually fulfill that primary objective? If you’re serious about security you have to start using a totally different approach – the Comodo approach.”

Forsyth continued, “Containment is a clear solution that solves the malware problem, and containment is what Comodo is all about.” Whether it is Comodo 360, with Valkyrie, our cloud based verdicting system, or Advanced Endpoint Protection, cWatch or Comodo Dome, the containment aspect is the key.

By forcing any unknown files to run contained — until their intention is determined — users are free to access and use those files on their endpoints, systems are not slowed down, and there is no possibility of a virus – whether malware or ransomware – infecting the drive or the endpoints.  And then, if deemed good, the file is let out of containment faster than any of our competitors. And if it’s deemed bad, it’s deleted from the environment. For more information on the different types of malware, visit Comodo’s malware search engine at https://file-intelligence.comodo.com/

Be sure to visit https://www.enterprise.comodo.com for more information on Comodo’s groundbreaking containment-based approach to solving the malware problem.

If you feel your company’s IT environment is under attack from phishing, malware, spyware or cyberattacks, contact us at Comodo https://enterprise.comodo.com/contact-us/?af=7566 or at sales@comodo.com

Be Sociable, Share!

    Add new comment

    Your name
    Comment

    You may use these HTML tags and attributes: <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>