Ransomware attacks reach new levels of sophistication
Ransomware silently renders your files/folders inaccessible by encrypting them. Repeated incidents of this kind have brought cyber security to the forefront of mainstream conversations as the impact of it is felt around the world by organizations and individuals alike. The global ransomware outbreaks are on the rise in last six months, and security hygiene should be reinforced, says Microsoft.
Ransomware 1H 2017 review
In a blog post, Microsoft outlined some of its key observations on the ransomware landscape and offered valuable insights on what can be learned from the same.
The highest encounter rates, defined as the percentage of computers running Microsoft real-time security products that report blocking or detecting ransomware, were registered in the Czech Republic, Korea, and Italy from January to March 2017. Sustained ransomware campaigns and high-profile attacks continued to highlight the need for advanced comprehensive cybersecurity strategy.
In the first quarter of 2017, Ransomware attacks suddenly surged (64 families to 71) due to the emergence of new ransomware families. Some of them exhibited more complex behaviors that made their detection difficult. WannaCrypt (also known as WannaCry) was one of the most well-known new ransomware to surface.
Later, a new variant – Petya surfaced. It applied some of the same propagation techniques used by WannaCrypt but incorporated more methods to spread within a network. The effect of the ransomware was widespread, and the infection swiftly spread to different countries in the course of a few hours.
The behavior of these ransomware exhibited certain traits like Credential theft, Network scanning, Destructive behavior, all of which were serious in nature. Luckily, Microsoft claims it has the suite of tools to provide round the clock protection against these threats. Besides, its mitigation plans help make Windows 10 resilient to exploit attacks.
Microsoft Intelligent Security Graph powers the security built into Windows 10. Its next-gen security technologies use precise machine learning models as well as generic and heuristic techniques capable of detecting script-based ransomware, and performing enhanced behavior analysis.
Even the default browser, Edge features reputation-based blocking of downloads. In addition to this, its click-to-run feature for Flash stops ransomware infections that begin with exploit kits. Credential Guard protect domain credentials from attacks like Petya, which are consistently exploiting ways to steal credentials for use in lateral movement.
That’s not all, Microsoft promises to streamline security and performance of Windows apps by hardening checks and balances, ensuring that all apps go through the Store onboarding, vetting, and signing process before being allowed to run.
Anand Khanse is the Admin of TheWindowsClub.com, a 10-year Microsoft MVP Awardee in Windows (2006-16) & a Windows Insider MVP. He enjoys following and reporting Microsoft news and developments in the world of Personal Computing & Social Media.