The latest ransomware attack known as “Petya” paralyzed many organizations in Europe and the US. This is the second worldwide ransomware attack in the past two months, and we believe these attacks will only increase in frequency and become more sophisticated. The continuous string of attacks means that we need to face the reality that we are in a state of continuous compromise when it comes to cyberattacks.
Traditional Endpoint Security Solutions fall short
An antivirus software is not sufficient to protect you from advanced malware attacks. A fragmented approach to managing endpoint security does not work. Furthermore, agent-based, resource intensive software slows performance on endpoint devices.
How can security professionals leverage software to better defend against a state of perpetual breaches, get actionable data and insight, and ensure that users can do their jobs?
Adaptive Security to the rescue
More and more companies are getting behind what is known as adaptive security, recently identified by Gartner as a “Top Technology Trend to Know for 2017”. This architecture model integrates the traditionally siloed capabilities of prevention, detection, response, and prediction for complete protection against advanced threats like the recent cyberattacks. It provides organizations with a layered, defense-in-depth protection strategy. The goal is to identify system changes through behavioral and contextual analysis to recognize and stop a program attempting to operate in a manner inconsistent with known acceptable behavior. Advanced systems can also use deception techniques to further entice malicious actors to show their intent while digitally recording those behaviors.
How ISIT’s Adaptive Security Solution blocks Ransomware like WannaCry, Petya & other Variants
ISIT’s adaptive security solution with real time detection, hunting, deception, protection & prevention, response and investigation and remediation is an all in one solution that protects you from ransomware attacks. Wannacry ransomware and the latest variant “Petya” run multiple processes during the deployment phase that our behavior based solution detects and blocks. These ransomware are also known to create child processes that are unsigned, and our solution would automatically block such processes. It would also block the process injection that utilises the icalc.exe file which elevates privileges on the target host allowing encryption of the entire filesystem.
News Link: http://www.me-newswire.net/news/4178/en