Fight Ransomware like you’re defending your Castle

If you haven’t already noticed, we love our metaphors here at RansomwareNewz HQ and often find the easiest way to explain security and tech issues to laymen is by including easily understandable conversational landmarks – often sports or TV or movie analogies.

And, after the authors of the Locky malware peppered their VB script with Game of Thrones references, that got us thinking… Ransomware is, after all, the modern-day equivalent of catapulting a dead, decaying cow into your computer network.

BEWARE OF GEEKS BEARING GIFTS

Before you go thinking that we’ve lost the plot, the briefest of history lessons – some of our most-used security terminology comes from medieval times, and some from even further back, in ancient Greece.

Mention a trojan today and everybody understands it’s a malicious program which misleads users about its true intent. The name obviously refers to The Trojan Horse which the ancient Greeks left outside the city of Troy.

The city dwellers, believing it to be a winning trophy and sign of respect, wheeled the wooden beast inside the city walls and went to sleep. Then, out of the belly of the horse jumped a battalion of Greek soldiers who killed everyone. It’s also where the phrase “Beware of Greeks bearing gifts” comes from.

On a similar note, but not exclusive to castles, the word firewall has two ancient meanings. The first is, obviously, “a wall or partition designed to inhibit or prevent the spread of fire”, while the second, also known as a Chinese Wall, means “any insurmountable barrier, especially to the passage of information or communication.” Therefore the Great Wall of China was one of the first firewalls.

So, with that in mind, and using Unitrends’ five arms of defence we’re going to investigate some more similarities…

PROTECT

Imagine you possess an ancient scroll, let’s say a map to the location of the Holy Grail. You want to keep it from the invading attackers, so what do you do? Well, in addition to hiding it in the deepest vault of your castle, you’d be wise to make copies of the magical manuscript, one in another language (perhaps Latin, Olde English or the gift of song through use of a singing troubadour), and store one of them off-site. If medieval, pitchfork-carrying peasants covered in mud could count that high, they’d probably call this 3-2-1 protection, whereby 3 copies of your data are made on 2 different types of media with 1 copy stored off-site.
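A check of the 3-2-1 rule described above against a backup inventory, as an added example that is not from the original article or from Unitrends. The inventory fields, dataset names and locations are constructed for illustration, and the production copy is assumed to count as one of the three.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class BackupCopy:          # hypothetical inventory record
    dataset: str
    location: str          # where the copy lives
    media: str             # e.g. "disk", "tape", "cloud"
    offsite: bool

def check_321(copies):
    """Return {dataset: [violations]}; an empty list means 3-2-1 is met."""
    by_dataset = {}
    for c in copies:
        by_dataset.setdefault(c.dataset, []).append(c)
    report = {}
    for name, group in by_dataset.items():
        problems = []
        # Two jobs writing to the same target are one copy, not two.
        distinct = {(c.location, c.media) for c in group}
        if len(distinct) < 3:
            problems.append("copies<3")
        if len({c.media for c in group}) < 2:
            problems.append("media<2")
        if not any(c.offsite for c in group):
            problems.append("no-offsite")
        report[name] = problems
    return report

# Constructed sample inventory.
INVENTORY = [
    BackupCopy("grail-map", "castle-vault", "disk", False),
    BackupCopy("grail-map", "scriptorium", "tape", False),
    BackupCopy("grail-map", "abbey-across-the-sea", "cloud", True),
    BackupCopy("tax-rolls", "nas01", "disk", False),
    BackupCopy("tax-rolls", "nas01", "disk", False),   # duplicate job, same target
    BackupCopy("tax-rolls", "nas02", "disk", False),
    BackupCopy("charters", "castle-vault", "disk", False),
    BackupCopy("charters", "scriptorium", "tape", False),
    BackupCopy("charters", "gatehouse", "disk", False),
]

if __name__ == "__main__":
    for dataset, problems in check_321(INVENTORY).items():
        print(dataset, "OK" if not problems else "FAIL: " + ", ".join(problems))
```
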

SECURE

With the approaching armies just a day’s march away, it’s time to secure your castle. Stock up on supplies, make sure the drawbridge is up and the portcullis down, ensure your moat is filled with sea monsters or piranha fish and that you’ve enough boiling oil to pour onto ladder-climbers’ faces. This may be obvious to battle-hardened soldiers like us, but a whopping 71% of medieval battle amateurs don’t have both a firewall and antivirus solutions on their PCs.

You see, your firewall, antivirus software and passwords are your moat, drawbridge and portcullis.

The moat/drawbridge combo is the only way in or out of your computer system castle. The thin strip of land allows only authorized data in and out and you only pull up the portcullis if your scouts and soldiers know the day’s hard-to-work-out password. Oh, and it wasn’t 12345678.

Your antivirus software is your castle’s guards – the brave folk who shout “Who goes there, friend or foe?” This first line of defence detects known malware from a list of threats (recognized spies) that they’ve already encountered, using signature-based detection, while if any unknown malware tries to get past them, the guards’ well-honed suspicion kicks in (behavior-based detection).

Sorry, Sean Bean – you’re wrong. Transitioning away from malware-susceptible Windows backup software to a purpose-built, hardened Linux solution exponentially hampers hackers’ chances of a successful attack.

TEST

The night before your enemy’s armies attack your castle, it’s time to test your infrastructure – make sure the drawbridge is working, your portcullis is well-oiled, your Windows are protected and you’ve recalculated the trajectory of your fireball catapults, that sort of thing.

The above video is what happens when Ransomware does run amok inside your folders if you don’t protect, secure and test…

DETECT

The guards and generals may be important lines of defence, but the forgotten heroes of battles are the scouts and watchmen. It’s their job to stay alert to attack 24/7. At the first sight of the enemy, they inform the generals to ready their defences. Remember Philippides, who ran 26 miles from Marathon to Athens to warn his Spartan mates that the Persians were on their way, before collapsing and dying? His detecting efforts are where we get the word marathon from.

Unitrends use adaptive & predictive analytics against backup data designed to search for ransomware threat conditions. Algorithms use machine learning to forecast ransomware conditions. Proactive alerts are sent when ransomware conditions are detected, just like Philippides… but quicker!

RECOVER

By running on a hardened Linux platform, Unitrends Recovery Series backup appliances are resistant to malware and ransomware attacks. Unitrends Instant Recovery also lets their customers spin up their backup data on-premises in minutes, thereby deflecting any attempted attacks like an arrow bouncing off a shield.

After the battle is won and you’ve successfully repelled the attacking armies, it’s recovery time, and no – that doesn’t mean a well-earned, drunken Viking-esque victory feast with mead and gnawing meat off the bone – the ancient equivalent of the Christmas office party.

In summary, Unitrends has an iron-clad security platform; a virtual force field to ensure that clients’ digital assets are protected. The mantra for hacking Unitrends customers is “Don’t waste your time!”

You can download Unitrends’ Beginners Guide to Ransomware PDF by clicking here.

 
