Ransomware: It can make a good day bad, or a bad day significantly worse. Ransomware, or malware that encrypts the data on your network, servers, and/or devices, holds your information hostage for a price (often demanded in bitcoin or another form of digital currency).
The way ransomware typically works is that it will:
- Use a malicious link, email, or attachment to get a user to click on it;
- Download a file onto an endpoint device;
- Make a callback to a malicious website;
- Encrypt your files and data; and
- Demand that you pay a certain cost—otherwise your data will be destroyed or sold.
Last year was a record year for cyber crime involving ransomware and included attacks like Petya, NotPetya, and WannaCry. Ransomware attacks increased by more than 90% from January-November 2017 over the same period the previous year, according to research cited in a recent Forbes article. An equally disturbing statistic is that it can take anywhere from 16 minutes to 18 seconds to fully encrypt a system, according to the Cisco Umbrella website.
As an IT network support and cloud security professional in Los Angeles for more than 25 years, I have received many questions about cybersecurity and the growing concern of ransomware. At my company, FPA, we rely on Cisco Umbrella Internet Threat Prevention as a key component of our FPA “stack,” a term we use for our foundational managed technology platform, which ensures our clients’ network performance, security, and stability.
The FPA stack includes:
- Managed IT Services
- Backup & Disaster Recovery (DR) Solution
- Managed SonicWALL Firewall
- Managed ESET Antivirus
- Managed Cisco Umbrella Internet Threat Prevention
One of the most frequent questions I hear from clients is this: "Does Cisco Umbrella block ransomware?" In truth, this is a bit of a loaded question for any security professional to try to answer because the answer could be “yes” or “no,” depending on the individual circumstances and attack variables.
I’m going to take a few moments to explain what Cisco Umbrella is and how it can protect your business or organization.
What is Cisco Umbrella?
In case you’re not familiar with it, Cisco Umbrella is a cloud security platform used by FPA to provide the first layer of defense against threats on the internet wherever users go. Unlike a traditional antivirus, Umbrella provides a layer of security at the DNS level. By stopping threats at the port and protocol level, it serves to prevent ransomware and various forms of malware from reaching your network and endpoint devices.
We encourage all of our clients to use Cisco Umbrella Internet Threat Prevention for their businesses. One of the greatest advantages of this tool is that it blocks command and control traffic to malicious websites. What this does is help to prevent an infected device from attempting to contact an attacker’s external servers, thereby stopping the execution of their ransomware encryption. This is key for helping to prevent your data from becoming encrypted.
Cisco Umbrella is the latest addition to the FPA stack, and our clients who use it have enjoyed great success in protecting their systems and data. In fact, they’ve been able to reduce the occurrence of ransomware infections, stopping 50-98% more attacks than users who only use a firewall or an antivirus.
While Cisco Umbrella on its own is great, it’s even more effective as part of a multi-layered managed approach to cybersecurity and cyber threat prevention.
Increase Your Security Defense
Although there are some companies that will try to sell you on the idea that their solution is the be-all and end-all of cybersecurity solutions, the truth is that internet threat prevention is a challenge because no system can defend against 100% of all attacks. However, building up your layered defense and creating additional walls for attackers to try to break through by using an effective firewall and antivirus can slow down an attacker’s assault on your system and give your managed cybersecurity services provider time to respond to block their advance.
For FPA’s managed cybersecurity clients, we combine the use of Cisco Umbrella with our SonicWall Firewall and ESET Antivirus to establish an additional layer of security. Slowing down the rate of attack allows our security experts to investigate where the attacks are coming from so they can be stopped and the gaps in security can be quickly addressed.
Whether you’re part of a small business or a large corporation, your organization is not immune to the ever-increasing occurrence of cyber attacks. So, if you have not yet done anything to prepare your business, now is the time to do so before it is too late.
What are your thoughts on this topic? And, how do you protect your network, data, and endpoints? Be sure to share your thoughts in the comments section below or reach out to me if you’d like to discuss this topic more in-depth.