Ransomware targets consumers and businesses, using malware to infiltrate systems and encrypt valuable data. Then the attackers request a ransom. Mostly recently, the Hollywood Presbyterian Medical Center was successfully compromised. Attackers were paid $17,000 to unlock the hospital's data.
The 2015 FBI warning stated, "When ransomware first hit the scene, computers predominately became infected with it when users opened e-mail attachments that contained the malware. But more recently, we’re seeing an increasing number of incidents involving so-called “drive-by” ransomware, where users can infect their computers simply by clicking on a compromised website, often lured there by a deceptive e-mail or pop-up window.
Another new trend involves the ransom payment method. While some of the earlier ransomware scams involved having victims pay “ransom” with pre-paid cards, victims are now increasingly asked to pay with Bitcoin, a decentralized virtual currency network that attracts criminals because of the anonymity the system offers."
ThreatSTOP customers are protected from ransomware. ThreatSTOP blocks ransomware attacks by preventing threat actors from bypassing routers, firewalls and DNS servers with automatically provisioned best-in-class threat intelligence.
Our service enables users to set custom policies, then automatically enforces those policies to block both inbound attacks and data theft and corruption. This is accomplished using existing equipment – no new hardware to configure, no training, no malware analysis required. The service includes up-to-the-minute reporting to identify affected machines for quick remediation.