Ransomware is malicious software, or malware, that encrypts the information on a person’s computer like documents, photos, and music. It will not release these files until the user pays a fee — or ransom — to unlock these files and get them back.
Ransomware has quickly become the most profitable type of malware ever seen, on its way to becoming a $1 billion annual market.
It commonly makes its way onto a computer or network through the web or email. On a website, ransomware may infiltrate through infected ads that can deliver malware, known as “malvertising.” Users surf sites with malicious ads that automatically download malware or redirect them
to exploit kits. In an email, ransomware uses phishing or spam messages to gain a foothold. Users merely have to click links in phishing or spam email or open attachments for ransomware to download and call out to its command-and- control server. Watch how easily it for users to be hacked [Video]
Ransomware can also take control of systems by using exploit kits. Exploit kits are software kits designed to identify software vulnerabilities on end systems. They then upload and run malicious code, such as ransomware, on those vulnerable systems.
In the future, ransomware will not merely target individual users, but also target entire networks. With more semi-automatic propagation methods, ransomware authors will capitalize on opportunities to breach a network and move laterally to control swaths of the network to maximize impact and probability of receiving payment.
Reduce Ransomware Risk with More Effective Security
Given that ransomware can penetrate organizations in multiple ways, reducing the risk of ransomware infections requires a portfolio-based approach, rather than a single product. Ransomware must be prevented where possible, detected if it gains access to systems and contained to limit the damage.
Cisco® Ransomware Defense calls on the Cisco security architecture to protect businesses using defenses that span from networks to the DNS layer to email to the endpoint. It is backed by industry-leading Talos threat research for the ultimate responsiveness against ransomware.
- Reduce risk of ransomware infections with security that can block threats before they can attempt to take root.
- Immediate protection from ransomware allows you to stay focused on running your business.
- Layered, integrated defenses give you unmatched visibility and responsiveness from the DNS layer to the network to the endpoint.
- Dynamic segmentation to keep ransomware cornered on the network.
- Industry-leading intelligence
- Delivered by the Cisco Talos Security Intelligence and Research Group.