Ransomware Now

London, UK – June 9, 2017 – Infosecurity Europe 2017, the largest event in the Eastern Hemisphere, finished yesterday. This year it was the 21st exhibition. A lot of excellent solutions were demonstrated there; and well-known IS experts presented plenty of reports. It was great to spend three days in a good company among thousands of people committed to Information Security. This year, most attention was paid to two topics: Ransomware and Internet of things threats.

This is not surprising, because the number of Ransomware attacks increased by 7.5 times during the last year, and the Internet of things is already used everywhere, but such devices are poorly protected against exploitation by adversaries. After the “failed” WannaCry attack, the number of Ransomware attacks has ceased to increase; some experts even predict a slight decrease in their number for the near future (assuming that hackers switch to another attack vector). But is it really so? Was WannaCry’s attack a distraction from preparation for some other attacks (for example, with the EternalRocks worm)? We have no answer, but we recommend all organizations to protect themselves from possible threats by downloading from S.M.A. Cloud free SIEM Use Cases for ArcSight, QRadar and Splunk – WannaCry / WannaCrypt Ransomware Detector and EternalRocks Worm Detector. They are designed to detect the activity of these viruses, so you will have time to take actions and not become a victim of adversaries.
Also in S.M.A. Cloud you will find Use Cases Ransomware Hunter (that detects and automatically warns about Ransomware), DetectTor (that allows real-time detection of Tor communications) and APT Framework (that detects any signs of APT at different stages of Cyber ​​Kill Chain).