How Can We Defend Against Ransomware?

Hi folks,

A couple of articles came across my desk on the 2nd of May. They reminded me how many dangers lurk on the Internet, and got me wondering how we can protect ourselves from what is becoming an increasingly looming threat. The articles I'm referring to talked specifically about a piece of ransomware called Cerber which is currently in its 6th version and still evolving.

The first article, titled "Cerber Version 6 Shows How Far the Ransomware Has Come (and How Far it’ll Go)" was published on Trend Micro's security intelligence blog. The piece discussed Cerber's emergence from the Russian underground marketplaces in 2016 and its growth up until today.

This particular piece of file-encrypting malware is becoming very dangerous, and I'm really concerned about this. I'm not exactly sure how we can protect ourselves, but I have some thoughts in addition to the solutions that threat defense experts like Trend Micro are working hard to get out to the masses.

First of all, the article talks about how this malware evades protections like antivirus and anti-malware. The only other thing that can protect us is ourselves, the humans.

There are certain questions we can ask each time we receive a digital file to reduce the risks of ransomware.

• Did we ask for the file?
• If not, is it something supposed to be sent, especially if we were to expect a delivery notification from a company such as UPS of FedEx?
• If it comes from someone we know, are they able to tell us what was being sent, and the names of the file(s) being sent?

This simple step of thinking twice before clicking 'Download' can be a very good start to teaching people how best to deal with these continuously emerging threats today. I personally use this practice when I receive packages and other things in the mail. And I also know the ransomware helpless families are being delivered by mistakenly opening fraudulent 'Failed Delivery' email alerts from UPS which takes advantage of our mindless email-opening tendencies and take the opportunity to inject our computers with dangerous ransomware.

The E-mails in question look very authentic with a person signing the mail, and thats how they operate. The ransomware's authors know that to send the files, they must be zipped up and let the person unzip the file. For those who can't unzip the file, or don't know how, pressing enter would show them whats in the zip, and then they would probably run it.

I remember reading somewhere that Ransomware is up 720 percent, and if thats not the right number, it's a large number nonetheless. I'm afraid we're going to get even more of them. The only way to deal with this is to rely upon our basic common sense.

The second article I recently read with regards to ransomeware comes from that same Trend Micro blog and is titled "How Organizations Can Protect Against New CERBER Variations." This one talks about how this piece of malware actually works.

This is the only piece of software that I'm aware of that is sold as a service. Trend Micro is calling this ransomware a service to refer to the fact that people who don't know how to create the software can still send it out and simply pay the author who helped them do it a percentage of the profits made from said infection. This is completely sad. The fact that this particular piece of software doesn't infect the operating system, but infects networks so that it can spread is definitely different than other pieces of software which may encrypt the computer files themselves, like what happens typically.

You know what scares me? What scares me about this whole thing is the fact that it evades machine learning. If a piece of software such as an antivirus and anti-malware learns about it, the ransomware knows and can evade that. This piece of software already infected millions using office365 specifically, and that was only within a 24 hour span. Microsoft ended up blocking it, but the article states that the damage had already been done. This all points to my original point that the human element needs to be part of the solution. We must all be careful online, and simply pay attention to our surroundings. I'm hoping that I'll never be bitten by such a thing, as it scares me to this day.

If you have any ideas for protective measures that doesn't rely specifically on software (although I agree that it can help) please feel free to discuss it with me. I would be happy to discuss any ideas people have. Thanks for reading!