BLOG: The only way to stop ransomware

By Mike Batters, Technical Director @ NETprotocol

Bold Legal Group & its members are valiantly trying to assist each other by spreading the word about new Ransomware attacks, sharing malicious e-mail content to enable others to be more aware and hopefully avoid opening such messages. However the real threat is so complex that a different approach is needed, in addition to constant ‘awareness’ training for users and cynicism when opening every single message.

NETprotocol work closely with some of the best-rated protection providers in this field. I speak regularly with some of the top researchers and analysists in these companies to understand how attacks are changing. Over four years ago now, a new tactic was launched by malware creators and what you are all seeing is the culmination of 4 years of ransomware development by cyber-criminals.

Creating a “virus” and trying to spread it as far as possible & infect as many machines as possible is a very visible process and anti-virus vendors are easily able to defend against this within 24-48 hours of it being created, by releasing an update to protect machines so the entire process has a lessening return. Unfortunately, over the last few years, the most enterprising cyber-criminals have taken a much more sophisticated approach and are now creating targeted “one-off” (also known as zero-day) attacks. This entails creating a new “virus” for each attack to infect machines, which then delivers the encrypting ransomware with the ultimate aim of extorting money from targets, often in the legal sector.

As new malware is created every day, for each of these new breed of attacks, traditional anti-virus solutions will never be able to protect against them – as they rely on detection first and protection a day or two later.  Typically, these zero-day attacks are highly targeted at key individuals with either significant person wealth or who handle large sums of money, such as conveyancers and probate solicitors.

NETprotocol have partnered with Proofpoint, Gartner’s Magic Quadrant leader in e-mail security, for over a decade delivering one of the few technologies on the market which is capable of detecting and blocking these attacks as they emerge – so before they hit your computer.  A small number of other vendors have similar technologies but Proofpoint have been time and again proven to have the highest detection rates, well in excess of 99%.

For legal firms who are wanting to eliminate the risk of malicious content and ransomware infecting their IT systems, the only way to do this is by deploying a technology which takes the same approach as Proofpoint which detects first, then blocks if suspicious. With a standard anti-virus technology – it will simply be too late by the time it has detected the problem.

NETprotocol are exclusively offering BLG members one month completely free of its enterprise-class email security technology, Proofpoint – until 1st November 2016. For more information on Proofpoint, click here – or contact NETprotocol anytime on 0330 055 3385 or advice@netprotocol.net

More like this