When it Comes to Ransomware, the Best Offense is a Good Defense

The need for cybersecurity awareness and preparedness is once again top of mind as companies across the globe are reeling after the WannaCry ransomware attack last month, and now the NotPetya ransomware attack just last week (also referred to as Petya or Goldeneye).

blue lights seen through a security fence

We have been speaking to numerous customers since the attacks and all are trying to understand what more they can be doing to protect themselves. Unfortunately, malware variants like ransomware are not going to disappear anytime soon. In fact, according to the Department of Justice, 4,000 ransomware attacks happen daily, which adds up to 1,460,000 attacks a year, millions of dollars on the line and numerous amounts of your data that could potentially be compromised.

In cybersecurity, the best offense is a good defense.

Threats evolve quickly and it is imperative that organizations implement a multi-faceted security approach that can effectively stop evolving threats. While there is no silver bullet for complete endpoint and data security protection, there are many solutions available today that can significantly help protect against threats and keep critical data secure. For those looking to protect themselves going forward, Dell has several security products available that can help.

The most important solution that organizations need to consider is an advanced threat prevention solution to identify malicious threats and stop them before they can run. There are many solutions available today, but they’re not all created equal. Many traditional anti-virus solutions are based on legacy technology – and legacy threats – of 20 years ago when the number of malware variants were measured in the thousands per year, not hundreds of thousands per day. Signature-based anti-virus solutions have had a declining efficacy for years precisely because they can’t keep up with the multitude of variants out there, and nor can they effectively protect against advanced threats such as zero day attacks.

Dell EMC can help.

Dell Endpoint Security Suite Enterprise integrates Cylance technology that employs artificial intelligence and mathematical models to protect against the execution of advanced persistent threats and malware including zero day attacks and targeted attacks such as ransomware. This solution stops up to 99 percent of malware and advanced persistent threats, far above the average 50 percent efficacy rating of many traditional anti-virus solutions. The suite combines data encryption with advanced threat prevention to protect data – so that if something does happen, the files are encrypted.

An advanced threat prevention solution is only one step. In our blog post about the WannaCry issue last month, we talked about the need to keep the software that you have in place updated and deploy all patches promptly. This is how the WannaCry attack occurred and became so widespread – the worm took advantage of a vulnerability in older versions of Windows, and the attackers bet that many organizations had not deployed the patch that was provided a few months prior. NotPetya is different in that it used more than one way to infiltrate systems and propagate itself, but one of the ways that it spread was through this same vulnerability. This demonstrates that known vulnerabilities will continue to be exploited because many organizations do not deploy patches in a timely manner –something that we’ll explore in greater detail in a future post.

Because attacks will happen, it is critical to have backup and recovery in place as well. One to look at is Mozy by Dell – a secure, cloud data protection solution for laptops, desktops and small servers across a distributed enterprise for easy recovery from data loss incidents like ransomware attacks. This way, if you are breached, you can recover your data on your own terms and it’s not lost forever. For enterprises, Dell EMC recovery solutions including storage-based replication and data protection solutions can also help recover business critical systems at the data center.

Learn more:

To learn more about Dell’s full portfolio of security solutions, including Dell Endpoint Security Suite Enterprise, please visit our Data Security website.

If you are interested in learning more about ransomware, please read The Real Cost of Ransomware by Jim Shook of the Dell EMC Protection Group and Ransomware and What You Can Do To Help Protect Your Data by Alan Daines, Chief Information Security Officer at Dell.

Two blogs worth reading from security organizations under the Dell Technologies umbrella are In the Aftermath of the “NotPetya” Attack by Mike Cote of Secureworks, and What Your Business Can Learn About WannaCry by Rohit Ghai of RSA.

About the Author: Brett Hansen

Brett Hansen is Vice President, Dell Unified Workspace. In this role, he is responsible for developing solutions that enable customers to simplify and streamline their client lifecycle, secure their endpoints, and ultimately provide users with a more productive and modernized workspace environment. With Dell Technologies uniquely positioned to deliver these solutions, Mr. Hansen harnesses capabilities from Dell Client, Dell Services, VMware and Secureworks to deliver integrated solutions spanning hardware, software and services. These technologies are optimized on Dell Client portfolio, but also embrace the multi-OS and device heterogenous environments of our customers, ultimately providing them with the choice, simplification, and productivity improvements they desire. Brett engages with customers, channel partners and product developers on a daily basis, leveraging his more than 15 years of experience leading business development and channel functions in the software industry. Brett joined Dell after 12 years with IBM Software Group. In his last position at IBM, he served as Director, IBM Tivoli Demand Systems Marketing where he held global responsibility for generating and managing the Tivoli pipeline.