Sign In
- Platform
- Solutions
- Modern NDR
- Resources
- Company
Platform
Modern NDR
Resources
Platform
Modern NDR
Resources
DETECTION OVERVIEW
Risk Factors
Ransomware attacks are increasingly common because they provide attackers with a high return on their investment. Different strains of ransomware malware are easily acquired or created in multiple programming languages. The impact of ransomware on a business can be devastating, especially if sensitive or business-critical data is lost through encryption, or if a high ransom is paid.
The system might change the risk score for this detection.
Kill Chain
Risk Score
83
Ransomware is a type of malware that encrypts files on a victim machine, which makes those files inaccessible until the victim pays a ransom for the decryption key. Ransomware attacks can originate from phishing emails, exploited network services, or large-scale attack campaigns. After the ransomware encryption begins, the encryption process can quickly spread throughout the network and across file shares on critical assets.
Maintain off-site and up-to-date backup files that can restore critical systems
Periodically restore systems from backup files to make sure they are working
Disable internal services that are exposed to the internet, especially services that run over file sharing or remote access protocols
Enforce security zones by implementing network segmentation and firewall policies to limit how devices can communicate
Update operating system software to the latest version to reduce the number of vulnerabilities that can be exploited
Enforce a strong password policy to reduce the possibility of attacks that are linked to ransomware
