Automated Detection and Disinfection of Ransomware Attacks using Roadblock Software
We often hear about ransomware locking data and demanding the ransom. Ransomware is a kind of malware that prohibits users from accessing their system or files and mostly requires a ransom payment to regain access. This results in data loss, downtime, lost productivity, including reputational harm. Financial losses from ransomware attacks are predicted to exceed 11.5 Billion Dollars in 2019 with ransomware attacks on businesses every 14 seconds. The extension and complexity of ransomware are advancing at a high rate. Malware authors utilize several sophisticated techniques to evade current security defenses, and all the encryption happens in less than a minute. So, there is a need to develop an automated software that performs detection of various kind of ransomware without depending on the signature of malware, and that can also disinfect the live system against various kind of ransomware attacks under a minute and thus containing the infection from further spreading it to other systems. The software should also notify the incident response team of the detected ransomware attacks and its IOCs so that they can further protect the organization from a similar type of attack. Roadblock software solves this problem by detecting various kinds of ransomware attacks and dis-infecting the system without any need for a reboot in less than a minute. It leads to no data loss, no downtime, no lost productivity, and no reputational harm. The dis-infection process is not dependent on malware signatures or malware coding, and it works by performing fast and deep forensics of the system that is pre-installed with Roadblock, so that it can detect new ransomware variant.
39480 (PDF, 3.78MB)
18 Mar 2020Related Content
Malware Function-based encryption technique
Research PaperRecent malware often uses techniques to evade detection by cybersecurity products. One of the...
- 22 Jun 2022
- Hirokazu Murakami
Detecting Unauthorized Behavior From Legitimate Accounts
Research PaperIncident Responders face an almost insurmountable amount of log events, and the move to the Cloud...
- 22 Jun 2022
- Rodney Caudle
Recover an RSA Private Key from a TLS v1.2 session
Research PaperCyberattacks happen every day.Most organizations have administrative and technical controls...
- 22 Jun 2022
- Johan Loos
Cyber Guardian Exercise: A Case Study in Brazil to Address Challenges in Cybersecurity and Protect Critical Infrastructure
Research PaperDiscussions of cybersecurity, in particular those associated with critical infrastructure (CI),...
- 22 Feb 2022
- Maxli Barroso Campos
Recommendations for small/medium-sized businesses enabling incident response
Research PaperSecurity incidents are inevitable. While large businesses can afford security teams to prepare and...
- 17 Jan 2022
- Luke Pearson
Black-Box Fuzzing for Android Native Libraries
Research PaperMany Android application developers are adopting C\C++ native language development in their Android...
- 12 Jan 2022
- Nawaf Alkeraithe
Machine Learning Techniques for Intrusion Detection
Research PaperThis paper aims to equip intrusion analysts with the basic techniques needed to apply machine...
- 9 Jun 2021
- Yih Han Tan
Detecting DLL Search Order Hijacking: How using a purple team approach can help create better defensive techniques and a more tactical SIEM
Research PaperMany SIEM analysts will recognize the feeling of being overwhelmed with security logs and alerts,...
- 4 May 2020
- Lasse Hauballe Jensen
Corporate Information Governance with Business Wisdom
Research PaperWhether a secret ingredient used for a lemonade stand across the street or the business strategies...
- 4 May 2020
- David Alexander Cruz Urena
Assisted Security Investigations Using Cognitive Computing
Research PaperThe purpose of this research is to illustrate the application of cognitive computing and machine...
- 3 Dec 2019
- Lori Stroud
Leveraging the PE Rich Header for Static Malware Detection and Linking
Research PaperAn ever-increasing number of malware samples are identified and assessed daily. Malware researchers...
- 1 Jul 2019
- Maksim Dubyk
Analysis of a Multi-Architecture SSH Linux Backdoor
Research PaperA key aspect in any intrusion is to attempt to gain persistence on the compromised system. Threat...
- 17 Jun 2019
- Angel Alonso-Parrizas
Unpacking and Decrypting FlawedAmmyy
Research PaperMalware authors commonly utilize packers (Roccia, 2017) as a method of concealing functionality and...
- 22 Apr 2019
- Mike Downey
Continuous Security Monitoring in non-Active Directory Environments
Research PaperActive Directory-centric monitoring techniques, tools, and methodologies have dominated information...
- 20 Feb 2019
- Blair Gillam
Intrusion Prevention System Signature Management Theory
Research PaperThe intrusion prevention system (IPS) serves as one of the critical components for a...
- 5 Feb 2019
- Joshua Levine
SDN Southbound Threats
Research PaperSDN (Software-Defined Networks) technologies are based on three pillars: decoupling control and...
- 20 Nov 2018
- Mohamed Mahdy
Processing experimental protocols against IDS
Research PaperExperimental protocols such as TCP Fastopen, QUIC, and Multipath TCP are not uncommon on...
- 10 Aug 2018
- Tommy Adams
Extracting Timely Sign-in Data from Office 365 Logs
Research PaperOffice 365 is quickly becoming a repository of valuable organizational information, including data...
- 22 May 2018
- Mark Lucas
Automated Detection and Analysis using Mathematical Calculations
Research PaperA compromised system usually shows some form of anomalous behaviour. Examples include new processes,...
- 17 May 2018
- Lionel Teo
Do Random IP Lookups Mean Anything?
Research PaperBeing able to identify the external IP address of a network is usually a benign activity....
- 2 May 2018
- Jay Yaneza
