Flash Point Paper Security

Ransomware:

Preventing Questions to Ask Yourself About Ransomware

Hostage Data ■ ■ How do you prevent ransomware Cybercriminals take advantage of a vulnerabil- attacks at the moment? ity in your environment to infest your systems ■ with malware that encrypts your vital business ■ How do you know when users bring data so it’s unusable until you pay them to de- unauthorized software or hardware crypt it. In some cases, they even steal the data into your work environment? and threaten to release it to your competitors ■ or sell it to the highest bidder. ■ How often do you have to make decisions about what to patch The WannaCry and NotPetya ransomware at- and what not to patch? tacks have been two of the most devastating ■ incidents in history. WannaCry cost businesses ■ How user-proof is your backup between $4 billion and $8 billion. Losses due protocol? to NotPetya were estimated at more than ■ $10 billion. What makes ransomware attacks ■ How do you store backups? so dangerously effective is that they are self- How do you restore it? propagating. They detect and leverage vulner- abilities in your network and software to gain escalating access to other network devices and data across your environment until the intruder cripples and holds hostage your en- organizations had simply patched their sys- tire enterprise. As frightening as the prospects tems, they would have been impregnable to of a ransomware attack can be, the reality is those attacks. that implementing a few simple best practices is typically all that is needed to keep you safe The big question then becomes, why didn’t from such attacks. those organizations patch their systems? The answer is that patching every system and Prevention Is the Best Defense piece of software in a timely manner for any Perhaps the biggest irony of most ransomware mid-size to large environment can be a mas- incidents is that they easily could have been sively complex undertaking if the organization avoided. Ransomware attackers usually ex- doesn’t have the right tools. The right tools ploit well-known vulnerabilities that if victims consist of an auto-discovery solution that can take known best-practice steps to correct, the detect and inventory every laptop, desktop, attempts to infiltrate their environments will and server connected to your network so you simply fail. Those best practice steps involve know the vulnerability status of everything that keeping all their systems and software patched might need to be patched. Next, you need a with all the latest security updates. For example, patch management solution that can quickly a month before the WannaCry and NotPetya and automatically update each of those end- attacks began to wreak havoc, Microsoft had points with the appropriate and most recent released a patch to repair the vulnerability that security patches. That includes also being able each of those attacks exploited. If the victim to report back to you the success or failure of those patch efforts, so you can be certain that cybercriminals simply don’t release it. Other every endpoint has been successfully patched times the malware they use to encrypt the and protected. data corrupts the data so it’s not recoverable, whether or not a ransom has been paid. Instant, Automatic Intrusion Mitigation Simplifying Ransomware Protection What do you do if somehow you still become To put you at ease in the face of potential ran- victim to an attack? First of all, your patch man- somware attacks, Micro Focus offers the solu- agement system needs to continue to auto- tions that make it simple to employ the best matically scan your environment for potential practice steps needed to keep your data and Contact us at: threats and remediate any that are discovered environment safe. Micro Focus® ZENworks® www.microfocus.com to further reduce the possibility of an attack Patch Management automates the process ever happening. If a new vulnerability emerges, of discovering and monitoring the patch state Like what you read? Share it. your patch management system should be of all your Windows laptops, desktops, and able to immediately alert you of any devices servers, and makes sure they’re always up- or apps that are vulnerable and automatically dated with the latest patches. It also makes patch them to block the threat or stop it from sure your antivirus and antimalware solutions’ propagating if it has already infected your sys- definition files stay current to further reduce tem. Of course, having a strong firewall, appli- the risk of infection. It stays on the lookout for cation controls, and security policies enforced exploitable vulnerabilities as they emerge and on each of your endpoints will further increase immediately patches them to prevent infection your ability to block such attacks. And for you and network propagation. to have the visibility you need to ensure you really are vulnerability free, you need central- To further keep ransomware attacks at bay, ized management that makes it easy to see the Micro Focus ZENworks Endpoint Security vulnerability and security status of each of your Manage­ ment­ gives you fine-grained, policy- connected endpoints. based control over all your Windows laptops, desktops, and servers, including advanced Secure Continuous Backups firewall protection, application controls, wire- Even with the protection of automated patch- less security, port controls, and robust storage ing and hardened security policies, you need device controls. Micro Focus Connected MX additional lines of defense to guarantee you gives you a cloud-based continuous backup never lose your valuable data. That’s why the and recovery service with policy-driven pro- final best practice includes employing secure, tection that makes sure the data on your lap- continuous backups of all your endpoints. So, tops and desktops can always be recovered, even if, in spite of all your protection efforts, whether it’s from an attack, system failure, or cybercriminals somehow still manage to hold natural disaster. your data hostage, you can easily recover us- ing your backups. And don’t think that if you For more information on how Micro Focus can get caught without a data backup that you’ll keep your endpoint data safe from ransom- be able to get your data back by paying the ware and other threats, visit: www.microfocus. cybercriminals their ransom. Studies indicate com/products/zenworks/. ______that when ransomware victims have paid a ransom, only 19% of them have actually been * CyberEdge Group, “2018 Cyberthreat able to get their data back.* Sometimes the Defense Report”

184-000019-001 | M | 02/19 | © 2019 Micro Focus or one of its affiliates. Micro Focus, the Micro Focus logo, and ZENworks, among others, are trademarks or registered trademarks of Micro Focus or its subsidiaries or affiliated companies in the United Kingdom, United States and other countries. All other marks are the property of their respective owners.