Continuing ransomware media coverage
On the wire podcast: Wade Williamson
On the wire | 17 June 2016
To cut through some of the ransomware nonsense, Dennis Fisher called Wade Williamson of Vectra Networks to discuss the ways in which enterprises are detecting and dealing with ransomware on a network level and how they’re implementing and using threat intelligence feeds.
As ransomware rises, cybersecurity researchers fight back
The Christian Science Monitor | 13 June 2016
"Another firm, Vectra Networks, has also developed a ransomware detection scheme that can quickly recognize the virus by a series of malicious behaviors, such as unauthorized file encryption – combined with a so-called “file canary” system – a phony file system used to bait hackers.”
Hackers shift to Neutrino exploit kit to spread CryptXXX ransomware
SC Magazine | 10 June 2016
Vectra CSO Günter Ollmann tells SC Magazine that the exploit kit change is likely driven by infection performance – which supports the idea that additional AV products would be less capable of detecting the threat. “Anti-malware technologies that use static signatures will likely be slow to react to the change of threat vector and distribution.”
The hot cybersecurity topics at Infosec 2016
Computer Business Review | 8 June 2016
Ransomware has been in the consumer world for some time but is now making more inroads into businesses. According to Vectra CSO Günter Ollmann, this is not so much a repurposing of ransomware for the enterprise but the employees bringing consumer-targeted threats into the enterprise with them. This is a particular danger of BYOD policies.
Ransomware-Angriffe in Echtzeit erkennen
LANline | 8 June 2016
Ransomware-Angriffe entwickeln sich für Unternehmen zu einer zunehmenden Gefahr, der IT-Sicherheits Teams kaum noch Herr werden. Vectra hat nun seine X-Series-Plattform um eine neue Dimension der Gefahrenerkennung erweitert – der Identifizierung von Ransomware-Angriffen. Diese ermöglicht eine Erkennung von Verschlüsselung jeglicher Art innerhalb weniger Sekunden, wodurch Unternehmen den Schaden dieses heimtückischen Malware-Typs signifikant verringern können.
Vectra stellt Ransomware-Erkennung für Firmen vor
Silicon.de | 7 June 2016
Der Sicherheitsanbieter Vectra hat seine X-Series genannte, zentrale Angriffserkennungsplattform um Algorithmen zur Identifizierung von Attacken mit Erpresser-Software erweitert. Die Plattform soll dadurch stattfindende Ransomware-Angriffe auf ein Unternehmen unmittelbar erfassen und verhindern können, dass Daten von einem oder mehreren Computern aus dem Firmennetzwerk verschlüsselt sowie der Zugriff darauf – im günstigsten Fall – nur nach Zahlung eines Lösegeldes an den Hacker erfolgen kann.
The risk and rise of ransomware
SC Magazine | 3 June 2016
Ransomware is popular because the malware can be monetised anonymously and quickly. "Through the use of bitcoin payment systems," explains Günter Ollmann, CSO at Vectra Networks, "the criminal can force the victim to pay the ransom in a monetary unit that facilitates complete anonymity and can be trivially converted to cash."
Microsoft warns of rare ransomware worm
TechTarget | 1 June 2016
Wade Williamson, director of threat analytics at Vectra Networks, said ransomware worms are part of the natural evolution of malware. "It is important to remember that while ransomware is the newest head on the malware hydra, it is still malware. As such it can be delivered and propagated in all the ways that we have seen malware used in the past.
Canary in the ransomware mine
IT Security Guru | 9 May 2016
"I’m often asked how organisations can stop ransomware from shutting down their business in the cheapest and most robust way?" Günter Ollmann, CSO of Vectra Networks tells IT Security Guru. "The quickest no-frills way of mitigating the network encryption piece of ransomware is actually pretty simple and follows the canary-in-a-coal-mine principle.”
The rapid evolution of ransomware in the enterprise
SecurityWeek | 2 May 2016
While early versions of ransomware targeted individuals, the approach is now rapidly evolving and has been successfully adapted to target enterprises. This has literally raised the stakes, prompting considerable changes to current best practices in order to protect enterprise data from ransomware.
Ransomware vaccine promises protection but experts are wary
TechTarget | 31 March 2016
Günter Ollmann, chief security officer at Vectra Networks, said these kinds of vaccines are designed to break the "sequential installation or malicious activities of malware" and may not protect against an entire family of malware.
Ransomware epidemic prompts FBI guidance
BankInfoSecurity | 31 March 2016
Newer ransomware families are much more damaging than earlier versions, says Vectra CTO Oliver Tavakoli. "Early versions of ransomware encrypted files and left computers operational. The newer versions, like Petya, encrypt the file system structures and render an entire machine unusable.
Phishing campaign takes ransomware attacks to a global scale
TechTarget | 16 March 2016
"Virtually every network already has malware, and these infections are more than enough for a ransomware attack,” says Wade Williamson, director of threat analytics at Vectra. “A few spam-bots in your network may not seem like a big deal, but a few CryptoWall infections could bring business to a standstill.”
Ransomware migrates to Apple Macintosh computers
Computer Weekly | 8 March 2016
The trouble with corporate security for Apple Macintosh computers is that they do not always integrate seamlessly due to differences in the operating system, especially with traditional endpoint systems, Matt Walmsley, EMEA director at Vectra, tells Computer Weekly.
Why ransomware is not going away any time soon
SecurityWeek | 30 November 2015
Ransomware is targeting enterprise networks with a vengeance. In addition to user hard drives, it's been increasingly successful at encrypting file-shares and network drives. Consequently, ransomware has evolved from a mere nuisance to a potentially debilitating attack that holds critical business assets and intellectual property hostage.