Following the news that:
New approach to ransomware encryption threatens to undermine cyber security strategies
New approach to ransomware encryption threatens to undermine cyber security strategies | IT PRO
Following the news that:
New approach to ransomware encryption threatens to undermine cyber security strategies
New approach to ransomware encryption threatens to undermine cyber security strategies | IT PRO
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics
The intermittent encryption method being used by the “cool kids” poses a new challenge to security professionals around the globe. In the past, detection methods have relied upon detecting greatly increased file IO operations. However, they cannot reliably detect this new method, as file encryption operations are cut by half. IT Pros will need to develop new detection methods to respond to the hackers’ latest efforts.
Ransomware is one of the biggest threats that organisations face. So keep in mind what this “new intermittent encryption tactic” is and what it isn’t. It is a way the Ransomware can avoid detection for as long as possible – ensuring maximum damage and increase the likelihood that the attacker will receive blackmail payment for the decryption key. It is not a new form of attack and it does not change the ability of the Ransomware to infect the target in the first place.
Good security hygiene has always been the best defence, and still is. Using MFA for any logins, the assumption of Zero Trust on all access and, of course, stopping users behaviour such as random link clicking are all still valid defences. As always, organisations need to stay on their guard and do anything they can to prevent themselves falling victim to Ransomware, and a hugely disruptive attack.