Malware Patrol’s CEO Andre Correa was recently interviewed by Dana Mantilia from Identity Protection Planning. They discussed the basics – and more – about ransomware:
- What is Ransomware?
- What should a company do in the case of an attack?
- Why is paying ransom a bad idea?
- Why has cryptocurrency become the main payment method for ransom?
- How do you recover from an attack?
This is a worthwhile watch if you have unanswered questions or want to review what you already know. In the event that your organization suffers (or has suffered) an attack, you will have some difficult decisions to make. The more you can prepare yourself and your team for how to respond, the better your recovery will be.
An attack impacts each organization differently, and now double extortion ransomware has complicated the simplistic “never pay” stance that many in the industry take. These considerations make it important to seek information from a variety of sources. You will need to find the solutions that fit your organization’s situation.
Not surprisingly, we want to emphasize the importance of using threat intelligence to help prevent and detect threats in your environment. Securing your organization is simply easier when you know what you are supposed to be blocking or hunting!
Malware Patrol offers three data feeds that specifically cover this threat: 1) URLs known to be hosting ransomware (or the malware that is used to open access to the network for the ransomware install), 2) Command & Control servers, and 3) DGAs, the URLs/domains from which malware and ransomware receive their instructions and/or to which they send stolen data.