Ransomware

    What is Ransomware?

    Ransomware has become one of the most prominent and visible types of malware. Bad actors design it to deny a user or organization access to files on their computer. By encrypting “stolen” files and demanding a ransom payment for the decryption key, bad actors force organizations to pay a ransom because it is sometimes the easiest and most cost-effective way to regain access to the files.

    Why should organizations care about ransomware attacks?

    • Ransomware will continue to be a problem because every time a ransom is paid, it encourages other would-be attackers.
    • Attacks can effectively shut down a business until the data is recovered (in some cases, the data is gone forever, even if the ransom is paid).
    • Organizations will experience negative publicity following an attack. Some companies are including how they respond publicly to cyber attacks in their crisis communications plans. A ransomware attack can cause organizations to shut down their systems and manufacturing facilities, forcing them to stop normal business activities, thus hurting their revenue. Organizations will need to make the attack public to the media, investors, stockholders, employees, and customers.
    • Negative sentiment will cause customers and employees to become anxious about safety and security following an attack. For example, bad actors have targeted the healthcare, manufacturing, local government, and education sectors, forcing the victims to pay ransoms. Private and sensitive data can be stolen by the attackers and shared on the dark web.

    How do you protect yourself from ransomware?

    Deploying network detection and response (NDR) technology that uses encrypted traffic analysis (i.e., machine learning applied to deep packet dynamics) offers an organization’s security operations center (SOC) the ability to analyze encrypted traffic without the need for decryption.

    NDR improves the effectiveness of the SOC by increasing the speed of response. By detecting anomalies in the network, it can stop a ransomware attack before it happens or minimize the damage caused by an attacker.
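To make the idea of analyzing encrypted traffic without decryption concrete, the following added example (not code from this page or from any product) scores a flow using only packet sizes, directions, and timing. It substitutes a simple median/MAD outlier score for the machine learning mentioned above; all function names and sample flows are constructed for illustration.

```python
from statistics import mean, median

def make_flow(n, out_size, in_size, gap):
    """Constructed sample flow: alternating outbound (+1) / inbound (-1) packets."""
    return [(i * gap, out_size if i % 2 == 0 else in_size, 1 if i % 2 == 0 else -1)
            for i in range(n)]

def flow_features(packets):
    """Features from (timestamp_s, size_bytes, direction) only; no payload is read."""
    out_bytes = sum(s for _, s, d in packets if d > 0)
    in_bytes = sum(s for _, s, d in packets if d < 0)
    times = [t for t, _, _ in packets]
    gaps = [b - a for a, b in zip(times, times[1:])]
    return {
        "out_bytes": out_bytes,
        "out_in_ratio": out_bytes / max(in_bytes, 1),
        "mean_gap": mean(gaps) if gaps else 0.0,
    }

def robust_z(value, baseline):
    """Modified z-score (median/MAD), which outliers in the baseline barely move."""
    med = median(baseline)
    mad = median(abs(x - med) for x in baseline) or 1e-9  # guard a flat baseline
    return 0.6745 * (value - med) / mad

def score_flow(flow, baseline_flows, threshold=3.5):
    """Return {feature: z} for every feature that deviates beyond the threshold."""
    base = [flow_features(f) for f in baseline_flows]
    flagged = {}
    for name, value in flow_features(flow).items():
        z = robust_z(value, [b[name] for b in base])
        if abs(z) > threshold:
            flagged[name] = round(z, 1)
    return flagged

# Constructed data: six ordinary download-heavy sessions as the baseline, and one
# session that sends far more than it receives (a bulk outbound transfer).
BASELINE = [make_flow(20, 120 + 10 * k, 1400, 0.05 + 0.01 * k) for k in range(6)]
SUSPECT = make_flow(20, 1400, 80, 0.07)

if __name__ == "__main__":
    print(score_flow(SUSPECT, BASELINE))
```

The suspect flow is flagged on outbound volume and outbound-to-inbound ratio while its packet timing stays within the baseline, which is the kind of signal a SOC can act on without ever seeing plaintext.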
