New Comodo Report Redefines Endpoint Protection for 2021

New Endpoint Protection

Endpoint Protection for 2018

Comodo, IT security firm provides new understanding and outlook on the current state of endpoint security. It came up with the report with a title “Endpoint Protection for 2017 and 2018 – Redefined” It states that the revised Endpoint Protection Platform delivers an efficient and robust analysis of the current challenges that any endpoint security vendors face today.

The report additionally gives new and profitable proposals to security and risk management manager pioneers as they assess their choices.

The Drivers Behind The Report

It’s been more than a long time since Gartner described endpoint protection and in the resulting years — especially over the previous two years — Comodo has watched real changes affecting all activities of the 20-year-old endpoint security market. Some factors that made Comodo accept and believe the requirement for a new and novel approach of definition which includes the following

Vendors have constrained their ability to change quickly and easily by including new features year after year that are not any more successful against present day malware threats, for example, current day ransomware attacks.

A similar legacy sellers harboured their clients to expensive on-premises, hardware based arrangements that are not considered important with the present day advancement in cloud computing and SaaS models.

Endpoint detection and Response (EDR) and security solutions were observed as discrete items.

Progressions in security advancements, for example, machine learning and behavioural examination have decreased the requirement for legacy security features like antivirus signatures.

Various new merchants have entered the market with “point” arrangements that comprehend a restricted bit of the issue however don’t meet the more extensive criteria of a full endpoint protection system.

Consolidating administrations, similar to threat chasing, with innovation arrangements which has demonstrated compelling solutions in guarding against complex assaults that are winding up progressively common.

Real Changes and Recommendations From Comodo

The report recognises important changes in the EPP market and offers suggestions for security and risk administration pioneers as they assess a huge crowd of sellers. A synopsis of these are as per the following:

Conventional features have been dropped: DLP, MDM and particular security for servers were removed from the EPP definition.

EDR is presently part of the suite: Comodo reasoned that EDR has seen expanded selection because of the acknowledgement that it’s unrealistic to completely obstruct 100% of malware attacks. Comodo is presently making the combination of behavioural and machine learning procedures for counteractive action, detection and reaction, as a vital approach.

More value on managed searches: Companies are to include managed searches whenever possible. This can expand internal security methods, paying little respect to a company’s size, complexity or staff assets.

Less value on versatile and Virtual Desktop Infrastructure (VDI): The clients search for solutions intended to protect both MacOS and Windows. They do not consider VDI, servers and mobile anymore, as a key buying criteria for EPP.

Moving to the cloud is urgent: This refers to various efficiencies around both risk viability and regulatory overhead that can be accomplished by opting EPP sellers that offer cloud-based platforms.

Comodo’s definition on the new Endpoint Protection

The Endpoint Security System form Comodo functions based on the client-server model. A security software is present within the network on centrally controlled server. The client server is located on each endpoint. The security software authorizes the user login attempts that done from the endpoints.

Comodo Endpoint Protection tool has the following features

  1. Containment with auto-sandboxing
  2. Web URL Filtering
  3. Comodo Firewall
  4. Antivirus
  5. File Lookup Services (FLS)
  6. Host Intrusion Protection System (HIPS)
  7. Viruscope (Behavior Analysis)

Endpoint Protection for 2018
Related Resources
Endpoint Protection
Trojan Horse
Endpoint Detection and Response
Managed Threat Detection and Response
EDR Security

Ransomware Attacks 2021

Malware Analysis

Malware has come into a new age with attacks on computer systems increasing rapidly. What is Ransomware? It is a form of malicious software that targets your computer limiting access until you pay a ransom. In the last few months, hackers have actively resumed ransomware attacks.

Simply put, hackers are hindering people from accessing their networks and asking for huge payments to regain access. The hackers have managed to cripple government networks. The New York Times ran a report on February 9th about a maritime cargo facility shutting down temporarily.

Small businesses were crippled and hospitals were forced to turn away patients. These events were blamed on ransomware in which entire computer networks shut down. The hackers then demanded colossal amounts of money to have them running again.

How often do these attacks take place? This may not be known since lots of victims choose to pay the ransom without informing the authorities. However, ransomware attack 2021 show a sharp increase in cybercrime.

History of Recent Ransomware Attacks

Ransomware is not new. Hackers have been demanding ransom money for access to computer systems for years. The first ransomware happened in 1991. It was called PC Cyborg and was spread by a biologist. The biologist sent floppy disks to fellow biologists researching AIDS.

The first ransomware to use encryption was Archiveus which rolled around in the mid-’00s. Luckily, this one was defeated a while ago. Its password is even available to the public on Wikipedia.

Malware Analysis

‘Police’ ransomware packages came about in the 2010s. They were given the moniker ‘police’ because they were ostensibly warnings from the police about illicit activities by victims. Their ransom demand came in the guise of fines.

They were able to capitalize on the recently introduced anonymous payment services and got away with it. Then the new trend of using cryptocurrencies to pay ransoms emerged. Cybercriminals were impartial to this method because it was untraceable and completely anonymous.

Most of the hackers preferred to be paid in bitcoin before it rose in value and popularity. They moved on to other currencies as a result.

The Mid 2010s, saw ransomware virus rising rapidly to the point where they were deemed a catastrophic. However, they seemed to fizzle out in favor of cryptojacking by 2018. Cryptojackers were so sneaky that their victims were barely aware of their actions.

Recent Ransomware Attacks

Ransomware attacks are not about to be history anytime soon. At least that is what recent data indicates. What with more hackers threatening to expose sensitive data from their victims? If the victims refuse to or cannot meet the hackers’ demands, then their data may be used for nefarious purposes.

Also, they threaten to use the data in future spam attacks if their demands go unmet. The new ploy is known as ‘double extortion’. It reared its ugly head in late 2019 but several cybercriminals have taken a shine to it in 2021.

Hackers push their victims to the brink by posting sensitive data to affirm their threats. This is bound to be calamitous and victims may be forced to either pay up or close down.

Ransomware target big and small businesses alike. In ransomware in 2021 news, a cargo transfer facility was forced to shut down for over thirty hours. They gained control of the company’s industrial control systems. They also had in their power files that were essential to their process operations.

At least three-quarters of ransomware end up in data being encrypted. In the last year alone, 51% of businesses were affected by ransomware. Most of these attacks resulted in data being encrypted. At least 26% of the victims paid a ransom to get their data back.

26% of victims whose data was encrypted got their data back by paying the ransom. A few of those who paid the ransom did not get their data back. However, 95% of businesses that paid the ransom got back their information.

Also, most of the organizations got back data that was encrypted. Many got their information back through alternative options such as backup rather than paying the ransom.

A further 1% paid the ransom but didn’t get their data back. Overall, 95% of organizations that paid the ransom had their data restored. When you pay the ransom, you multiply the cost of enduring a ransomware virus attack.

There are various factors to be considered concerning the costs of a ransomware. These include lost opportunities, downtime, device, and network costs. Add the cost of the ransom and the expenditure goes through the roof.

Ultimately, an organization that refuses to pay the ransom may run up costs amounting to US$732,520. On the other hand, those that pay the ransom will double their costs to about SS$1,448,458.

The private sector is more likely to be targeted by ransomware than the public sector. The numbers run at 45% of public sector organizations hit by ransomware to 60% of private-sector ones.

That is in the last year alone. The organizations hit include the entertainment and leisure industries as well as the media. Moreover, many of the successful ransomware viruses include data saved in the cloud.

A weak link in many of the organizations is found in their cybersecurity insurance. While many have cybersecurity insurance, only a few have invested in ransomware insurance covers. The advantage of this insurance cover is that it pays the ransom should your business be affected.

Organizations that have a ransomware cover are highly likely to have the ransom paid by their insurance company.

Top 5 Latest Ransomware Attacks

Every month of the year 2021 has reported several ransomware spreads. Ransomware in 2021 statistics indicate that over 70 reported cases by the end of May. The records may hit the hundreds by the time the year ends.

  1. Travelex
  2. Redcar Council
  3. CPI – California
  4. Energias de Portugal (ADP)
  5. In Sports Head Office

Travelex: The attack on Travelex on New Year’s Eve compromised the company’s websites in over 30 countries. This resulted in utter disarray for foreign exchange transactions in the first month of the year. The hackers allegedly demanded a $6 million ransom.

Redcar Council: An attack on England’s Redcar Council had employees resorting to the traditional pen and paper. A ransomware attack on the company rendered 35,000 United Kingdom residents unable to access public services online.

CPI – California: The defense contractor was forced offline by a ransomware. The company had to part with approximately $500,000 in the January attack. By March, they had not yet resumed operations.

Energias de Portugal (ADP): Cybercriminals attacked the huge Portuguese energy company in April. The criminal demanded a hefty €9.9 million!

In Sports Head Office: In New South Wales, In Sports Head Office was dealt a heavy blow by a cybercriminal. They were not able to confirm what data was compromised. However, they confirmed that REvil/Sodinokibi ransomware was used in this attack.

How to Prevent Ransomware in 2021?

Several industries, including finance and healthcare, have been ravaged by ransomware. Consequently, many businesses have invested in ransomware prevention and response. No company big or small is immune to attacks from cybercriminals.

Ransomware virus attacks on government systems have led to complete shutdowns of IT systems. Many organizations opt to pay the ransoms to resume operations as soon as their data is restored.

The impact of a ransomware can be devastating as it may result in the loss of crucial data. Here are some examples of ransomware viruses attacks and their consequences:

Crypto Ransomware: It prowls through your computer or network in search of specific data that is important to you. It then collects data such as images and PDFs as well as texts. If you fail to comply with their ransom demands, your data is gone forever.

Locker Ransomware: This one locks your entire system and hinders you from logging in.

Scareware: It limits your access to the data as well as the system. The only difference between this and locker ransomware is its ransom methodology.

Doxware: This one threatens to expose sensitive information such as personal identification and financial information on the internet. You are required to pay a ransom to prevent this.

There are lots of anti-virus products to choose from to protect your data. Investing in a good one is crucial for any organization. Here are some preventive measures you can take to protect your data.

Identify Ransomware Behavior: Organizations can identify ransomware behavior by installing ransomware protection software. Ransomware can be traced because they have observable patterns. Once these are detected, they can be blocked.

One way is to develop a snare such as files that seem real to them. The cybercriminal is triggered and will most likely come after the bait. However, this measure only works to reveal the hackers’ scheme.

Backing Your Systems Up: A system backup saves you a lot of grief if your data should you lose your data or get hacked. Have it backed up both on the cloud as well as locally. It is a convenient way of ensuring you’re your sensitive data does not fall into the hands of cybercriminals.

Should a ransomware virus hit your system, the backups allow you to clean up the affected system. Then you can repair it with your updated backup data. Backing your data up in the cloud offers further protection.

Restricting Access to Your Data: This is done through network segregation and is important for all kinds of cyber threats. When access to data is restricted, even cybercriminals are not able to get to it easily. Segregating network safeguards data in the event of a ransomware virus attack.

Anti-Malware/ Anti-Ransomware Software: The anti-virus in place may not have all the necessary features to catch and remove ransomware. The best security software is threefold. It contains anti-virus, anti-malware, and anti-ransomware protection. These must be routinely updated and reviewed.

Disable Vulnerable Plug-ins: Plug-ins such as flash offer an easy pathway for hackers to corrupt your system. They can use them to launch an attack and infect your system. This renders all your data vulnerable and it can be used to extort funds from you. Updating your plug-ins regularly is crucial to prevent your system from virus attacks.

File Extensions: All documents should include relevant viewable file extensions from trusted sources. It is necessary to protect the system from downloading inconsequential documents that may be coming in from suspicious sources.

Ransomware Awareness in the Workplace: Human error is to blame for most ransomware virus attacks. The solution is to ensure the employees are aware and sufficiently trained to prevent and handle it. Workers must be aware of the many hacking techniques that exist.

They should know not to click on unknown links or checking out malicious content as the ramifications could be dire. All links and attachments should be verified before they are opened and the source carefully analyzed.

Also, ransomware virus attacks can take a variety of forms. Phishing is simply one among many. Employees who work remotely must use open or public Wi-Fis. Hackers can easily access these and attack your system.

Create Strong Passwords: Weak passwords are very easy to break. Avoid using easily accessible information such as your birthday to create passwords. Also, using the same password to access all your accounts allows hackers to access your system.

Ultimately, do not use information that is readily available to create your passwords. Some passwords are made up of information that can be easily accessed via the victim’s social platforms. These are weak and will take no time for even a rookie hacker to figure out.

Hence, companies and institutions should uphold a strong passwords policy to deter any cybercriminals trying to get in.

Reject Attachments and Emails from Unknown Sources: A large number of ransomware viruses access computer systems via email. When you download malicious content, you may corrupt your entire system and allow the cyber crooks in.

Conclusion

Ransomware attacks have left companies and institutions reeling in the wake of the devastation caused. Companies must invest in security software that will deter cybercriminals from accessing sensitive data.

Also, training the workforce to detect and prevent these attacks is crucial. Additionally, businesses must always keep their data backed up locally as well as in the cloud.

As the malware continues to evolve, so does the software to detect and eliminate it. Companies must always remain one or more steps ahead of hackers to keep their computer systems safe.

What Is Endpoint Security

Website Backup

Website Status

Related Resources

Ryuk ransomware

Check Website Safety

Backdoor Website

Is this Website Safe Checker