Recently, software engineer and noted tech journalist Ben Dickson explored the growing threat of ransomware in an article in The Daily Dot. He gives a thorough yet remarkably non-techie overview before tackling the difficult part – what can companies and individuals do to protect themselves. Dickson turned to our own Ronen Yehoshua, CEO of Morphisec, to understand why traditional security approaches fail and possible solutions.
Ronen explains, “Behavioral detection tools are more effective against new variants…but they still can be evaded by various techniques and come with their own set of problems, including false positives and resource intensive updating and monitoring.” He also points out that some ransomware variants don’t use executables, which makes them very hard to detect, instead using legitimate operating system services “to do their dirty job.”
Ronen goes on to clarify that, really, the focus on the ransomware itself distracts us from the real issue – the exploit kits and other sophisticated delivery vectors. “Ransomware is the last part in an attack kill chain… the payload. The right way to prevent ransomware is thwarting the attackers’ efforts to deliver the ransomware to a user’s machine.”