Why Ransomware is Different ... and How to Defend Against It

Why Ransomware is Different … and How to Defend Against It

June 30, 2016

For the most part, computer security is focused on preventing criminals from stealing information that can then be sold for profit to a third party. But, as the following excerpts from a recent conversation between Penton Technology Market Analyst Ryan Morris and Webroot Chief Technical Officer Hal Lonas explain, the core objective of ransomware is even more nefarious and potentially damaging.

When asked by Morris to define ransomware and its implications, Lonas responded, “I think the big change we’ve seen with ransomware is that the bad guys used to want your data because it was valuable to them. They’d say, ‘If I could get your credit card number or your identity or a secret from your company, I could go sell that.’

“The interesting thing about ransomware is that criminals are now saying, ‘Your data is valuable not to me, the bad guy, but to you. How much is your data worth to you?’ They’re betting that you don’t have any backup and protection in place. So their angle is to take your data and hold it for ransom until you decide what the value is, and then you pay them. They’ve really turned that value proposition around, and it’s scary how smart it is.”

Morris concurs, adding, “I’ve heard recently that modern companies with real IT departments and robust operations have actually paid ransoms. When I first heard that, it blew my mind. I, perhaps naively, thought we’d solved these types problems.”

Multi-Pronged Defense Is Crucial

Noting the urgency of this evolving threat, Morris asked, “How can we win the battle in the ransomware universe? What preventive steps should we take, and what ongoing measures should managed service providers and end users implement to protect themselves from ransomware threats?” In response, Lonas cited these key defense strategies:

“Investing in backups and data security is of paramount importance. That’s hardly new advice. It applies to everything from business security to homeowner’s insurance. But, with a threat like ransomware on the loose, it’s more crucial than ever to make sure our data is securely backed up and that we can recover it quickly, easily and in its entirety. We also have to test the backups; spend a little extra time and money verifying that the recovery systems are going to work.

“From there, we need to make sure we have a multi-level security approach in place. We’ve talked about this for years—the layered security approach—to ensure that malware and other types of breaches don’t get through, and each new attack vector can mean a new layer. Sometimes this causes redundancy, but as long as the various layers work in harmony, they provide comprehensive security that can prevent breaches. Firewalls, next-generation firewalls, Web filtering, proxies, VPNs … we have to ensure all of those protection layers are deployed.”

Lonas went on to emphasize the importance of endpoint security. “We have to have world-class endpoint security on all of our machines: the Windows machines, the Macintosh machines and the mobile devices, including bring-your-own-device. Every one of those devices needs to be protected so that it doesn’t become a gateway into our organization for the bad guys.”

And, of course, user education plays a critical role, Lonas concluded. “Our users need to know the types of threats they’re going to face, the kinds of phishing attacks, fake messages, emails, even phone calls they might get from people claiming to need a password or access to the systems. Bad guys are always figuring out new ways to get to us. The combination of layered security that covers all potential threat vectors, solid backup and recovery strategies, and user education is the only way companies can protect themselves, their employees, and their customers from ransomware.”

Want to find out if Webroot has what it takes to protect your customers? See for yourself with a no-risk FREE trial. You don’t even have to uninstall existing security.

Want to learn more about how Webroot partners with MSPs to delight customers, lower costs, and boost profits? Learn more.