Ransomware Prevention

[vc_row][vc_column][vc_custom_heading text=”Predict & prevent Wannacry ransomware” font_container=”tag:h1|text_align:left” use_theme_fonts=”yes”][vcmp_space vcmp_height=”20px”][/vc_column][/vc_row][vc_row][vc_column width=”1/2″][vc_custom_heading text=”What is WannaCry?” use_theme_fonts=”yes”][vc_column_text]WannaCry (aka WannaCrypt, WCry, WanaCrypt0r 2.0, Wanna Decryptor) is yet another ransomware variant. This particular strain was coupled with a Windows exploit dubbed EternalBlue which allowed it to automatically propagate itself to vulnerable machines across the internet beginning on May 12, 2017, when the first wide-scale infections began. Perhaps the most high-proflle compromise to-date has been the large swath of health care institutions in the UK that were essentially shut-down and rendered unable to provide care to their patients. While not technically advanced, the use of the EternalBlue created a ransomworm that spread much faster than any other previously reported ransomware outbreak.[/vc_column_text][vc_custom_heading text=”How Cylance blocks WannaCry” use_theme_fonts=”yes”][vc_column_text]CylancePROTECT immediately prevented the execution of WannaCry on all of our customer’s endpoints. How? By leveraging machine learning and artificial intelligence to predict malicious code pre-execution without relying on a signature, heuristic ruleset, cloud connection, or any of the methods used by traditional antivirus products.[/vc_column_text][/vc_column][vc_column width=”1/2″][vc_video link=”https://youtu.be/eQwJIrlrrYU”][/vc_column][/vc_row][vc_row][vc_column][vc_custom_heading text=”How Ransomware Works” font_container=”tag:h2|text_align:center” use_theme_fonts=”yes”][vc_row_inner][vc_column_inner width=”1/6″][vc_single_image image=”9803″ alignment=”center”][vc_custom_heading text=”PHISH” font_container=”tag:h2|text_align:center” use_theme_fonts=”yes”][vc_column_text]

Generally, a user is sent an email or link containing malicious code, and they click on it. In rare cases, ransomware can also be delivered via worm.

[/vc_column_text][/vc_column_inner][vc_column_inner width=”1/6″][vc_single_image image=”9801″ alignment=”center”][vc_custom_heading text=”ENCRYPT” font_container=”tag:h2|text_align:center” use_theme_fonts=”yes”][vc_column_text]

The malicious code executes on the victim’s computer and encrypts the contents of the drive(s) connected to
the computer.

[/vc_column_text][/vc_column_inner][vc_column_inner width=”1/6″][vc_single_image image=”9800″ alignment=”center”][vc_custom_heading text=”CONTROL” font_container=”tag:h2|text_align:center” use_theme_fonts=”yes”][vc_column_text]

The malware then communicates with a Command-And-Control (C2) server owned by the attacker.

[/vc_column_text][/vc_column_inner][vc_column_inner width=”1/6″][vc_single_image image=”9802″ alignment=”center”][vc_custom_heading text=”EXTORT” font_container=”tag:h2|text_align:center” use_theme_fonts=”yes”][vc_column_text]

Users are given a timeline to pay the ransom or risk losing their files.

[/vc_column_text][/vc_column_inner][vc_column_inner width=”1/6″][vc_single_image image=”9799″ alignment=”center”][vc_custom_heading text=”COLLECT” font_container=”tag:h2|text_align:center” use_theme_fonts=”yes”][vc_column_text]

Attacker finally demands payment in order to decrypt the user’s files, normally paid via bitcoin or other digital
payment methods.

[/vc_column_text][/vc_column_inner][vc_column_inner width=”1/6″][/vc_column_inner][/vc_row_inner][/vc_column][/vc_row][vc_row][vc_column][vc_custom_heading text=”Prevent Ransomware Before it Takes Over” font_container=”tag:h2|text_align:center” use_theme_fonts=”yes”][vc_custom_heading text=”Talk to a Cylance expert today and get a demo of CylancePROTECT, the world’s first AI designed to stop ransomware and advanced threats before they cause damage.” font_container=”tag:h5|text_align:center” use_theme_fonts=”yes”][/vc_column][/vc_row][vc_row][vc_column][vc_column_text]

[/vc_column_text][/vc_column][/vc_row]