How to be prepared against a new wave of WannaCry

As we predicted, Ransomware attacks grew more than 50% in 2016 and this year the trend continues to grow; more than 50 different types have already been identified. Top market analysts in the latest published reports recommend hiring concrete solutions to protect from advanced threats because standard antivirus and anti-malware solutions work on identified patterns and signatures but are unable to detect zero-day attacks.

How malicious software attack our systems and devices:

Ransomware is a type of malware that installs silently on devices and once put into action it encrypts all data to block access. The most common form of dissemination is as spam through e-mail, attaching a malicious file or link. When the user clicks on that potentially malicious file, link or URLs, it activates the virus that takes over the system and blocks the user’s access to the device and information. The user receives a message on the screen, indicating that he/she has been attacked and detailing the rescue instructions to be paid if they wish to regain control of their device.

This is how the malicious software, WannaCryptor (a variant of the previous WannaCry ransomware), caused the biggest cyberattack in the world.

WannaCry

 

Who was affected?

WannaCry gets inside companies taking advantage of a weakness in the Windows operating system. The alert was given on the morning of May 12th, 2017, affecting businesses and individuals in more than 170 countries. Some media have published interactive maps of WannaCry’s damage.

According to data provided by the National Institute of Cybersecurity (Incibe), Spain ranks as the third most attacked country in the world, behind the United States and the United Kingdom.

“Only the companies that had hired an advanced detection service

service have been able to stop this great threat..”

 

What to do in case of a cyberattack:

As result of WannaCry’s aggressive worldwide outbreak, competent institutions have developed some diagnostic tools and Microsoft has deployed security patches for affected versions of Windows.

But there are great uncertainties that companies must consider when facing a situation like this:

  • What if the virus has silently installed itself on my systems and is waiting for a user to unconsciously activate it to block the computer?
  • What if, instead of being ransomware, it is a spy virus that tries to gain access to copy the intellectual property of the company or organization?
  • What is the impact on my company’s reputation after being affected by cyberattacks? Will customers still trust in the treatment I give to their information?

IT security managers are responsible for proactively provide users with tools to help detect and block a cyber-attack before it accesses the systems and can be activated.

While traditional antispam and anti-malware solutions help in detecting known spam, companies should seek advanced detection solutions that allow the evaluation of potential malicious content in real time before being executed by the user and blocking it in case it is malignant. This novel technology is known as Sandboxing.

Spamina’s Advanced Threat Protection (ATP) solution includes Sandboxing 2.0 technology as well as premium antivirus, which allows analyzing emails in the Spamina sandbox every time the user accesses the email. Like this, any threat received by the user in the email and, although evolved over time, will be analyzed in real time, delivering mail clean of malware. In case of detecting malicious content, the user receives a notification of the incident and the email is isolated in the Spamina cloud.

image001

ATP is a scalable solution that can be contracted for the entire domain or only some users in the company. Its implementation is a simple process that is done without interfering in the activity of the employees, guaranteeing the continuity of the business and that there are no drops in the productivity of the company.

Banner-atp-demo ES

For more information on Spamina ATP, you may:

 

banner-atp-prueba-piloto-es