What is Ransomware?

All Ransomware is Malware, but not all Malware is Ransomware

Ransomware is a type of malware that is spread by malicious payloads from deceptive links in phishing emails, drive-by content downloading from websites or other links in messages from text to Skype. The user is unaware of the ransomware infecting their computer until it’s too late and their system and/or files have been locked down via encryption. A decryption key is not shared with the victim until a ransom payment is sent, which can be as low as $200 for individuals or millions for enterprises, usually paid out in Bitcoins.

Ransomware Uses SSL to Hide
Download the Infographic

If the ransom is not paid, your only option is to wipe your hard drive clean and start from scratch. But ransomware payment doesn’t guarantee the victim will receive a decryption key and if it is, it doesn’t guarantee the ransomware will be removed. It could pop it’s head up again in the future or move on to infect other machines in the victim’s network.

“Paying the ransom does not guarantee the encrypted files will be released; it only guarantees that the malicious actors receive the victim’s money, and in some cases, their banking information. In addition, decrypting files does not mean the malware infection itself has been removed.”
U.S. Cybersecurity and Infrastructure Security Agency

How A10 Networks Assists with Ransomware Protection

Effective ransomware protection depends on complete visibility into your network’s encrypted traffic, so hidden attacks are stopped at the network edge before they can even make it into the network. A10 Networks Thunder® SSL Insight (SSLi®) enables TLS/SSL decryption and SSL inspection to detect ransomware and other exploits hiding in encryption traffic. The solution also has additional preventive security features like URL Filtering and Application Firewall which can be used to block users from accessing known infected websites and applications.

Ransomware Articles and Assets of Interest

 

5 Steps to Enhance Your Enterprise Security with High Performance SSL/TLS Decryption

Besides understanding what is hiding in all this SSL/TLS encrypted traffic, you also need to enforce security and regulatory compliance for current/future standards, regulations and rules.

You need an easy-to-use, fast, and versatile inspection technology that will give you full SSL/TLS visibility into your encrypted traffic without performance degradation from your existing security devices while ensuring compliance.

How can you accomplish this? In the following 5 steps, you will see how you can improve your enterprise security, help you meet regulatory compliance, and maximize your security performance and ROI.

Teach Me More