GTC Disassembling and analyzing malware to see how it works, what it's designed to do and how to protect against it, is mostly a long, manual task that requires a strong understanding of assembly code and programming, techniques and exploits used by miscreants, and other skills that are hard to come by. "The moment you see your network – and by network, I mean the network defined the modern times, whatever you have on premises, whatever is out in the clouds, whatever you have with your remote users – when you see any assets from your network contacting an adversarial infrastructure, eliminate that contact because that puts you in your zone of maximum resistance to attacks," Villadiego told The Register. Find and remediate that precursor malware and a company can ward off the ransomware attack is the theory.
However, ransomware doesn't occur in a vacuum, according to security startup Lumu Technologies.Ī ransomware infection is usually preceded by what Lumu founder and CEO Ricardo Villadiego calls "precursor malware," essentially reconnaissance malicious code that has been around for a while and which lays the groundwork for the full ransomware campaign to come. Ransomware is among the most feared of the myriad cyberthreats circulating today, putting critical data at risk and costing some enterprises tens of millions of dollars in damage and ransoms paid.
0 kommentar(er)
