Attivo Networks has urged not only healthcare, but all industries to take immediate steps in the wake of Friday’s global ransomware attacks. “The recent massive cyberattack manifested a significant change in the cyber realm. It was indicative of cybercriminals crossing the lines of ethical boundaries at the expense of public safety,” says Ray Kafity, Vice President, Middle East, Turkey & Africa at Attivo Networks.
The WannaCry ransomware hit globally and has been referred to as a weapon of mass destruction because of its ability to spread like wildfire once it has gained access to unpatched computers. The impact has been significant, with targets in the financial, energy, transportation and government sectors, as well as hospitals. The malicious software behind the onslaught appeared to exploit a vulnerability in Microsoft Windows.
“There are solutions in the marketplace today that can isolate ransomware immediately upon an attacker’s attempted access to networked drives or their in-network lateral movement,” added Kafity. “It is noted that Attivo’s high-interaction deception techniques have been Attivo Labs tested to slow down the encryption process by 25x. This slows down the WannaCry Ransomware and provides incident response teams valuable time to respond and isolate the attacks either manually or automatically through 3rd-party integrations.”
The Attivo Networks solution for ransomware starts by providing a “motion sensor” that alerts the organization to an attacker who tries to encrypt the decoy drive or exploit a Windows SMB vulnerability. The decoy drives are set up as networked drives and designed with high-interaction technology and lures to attract the attacker to engage with the deception asset instead of production drives.