Building on a multi-layered approach to defend against ransomware, LANDESK today announced new capabilities to its LANDESK® Security Suite. With a growing number of ransomware threats menacing enterprises, the latest additions aid in closing security gaps across the entire organisation—a strategy that’s recognized as the best way to battle ransomware.
Ransomware is an imminent threat to organisations and shows no signs of slowing down. According to the FBI, criminals have already collected $209 million in revenue in the first quarter of 2016, and that number could exceed $1 billion by year-end. And while the average ransom is still relatively small—between $200 and $5000—the price is going up.
“The good news is, accepting the inevitable doesn’t mean accepting defeat,” said LANDESK Chief Security Officer Philip Richards. “While ransomware poses a very real threat to organisations and their systems, by taking a sophisticated, multi-dimensional defense to protect against it, organisations can mitigate the negative effects.” Cyber watchdogs like US-CERT and the Center for Internet Security (CIS) agree.
LANDESK Security Suite offers the recommended multi-layered endpoint protection, without disrupting productivity or business operations. With this latest release, LANDESK has expanded its suite in all three critical areas of defense: detection, prevention and remediation. “The LANDESK Security Suite provides a much needed solution that tackles how to respond to ransomware attacks, protect data and devices, and in the worse-case scenario, minimise impact should a security breach occur,” continued Richards.
Detection. No organisation wants to fall victim to malware threats its AV vendor identified and tagged. Still, even with strong protection, it’s important to account for today’s highly dynamic malware, which can transform itself before or after an attack. The Verizon 2015 Data Breach Investigations Report found that 70 to 90 percent of malware samples are unique to a single organisation. That’s why LANDESK Security Suite enhances AV detection with active and passive discovery technologies, visibility across the network and actionable data. In this new release, IT can display information about the applications on each endpoint and act instantly on suspicious and malicious apps.
Prevention. Realistically, ransomware will get in. When that happens, the goal is to minimize the chances it can execute. LANDESK Security Suite offers a range of industry-recommended preventive measures, including, but not limited to, application, device, and connection control and automated application and OS patching.
With compromised websites regularly exploiting known vulnerabilities in software, patching internet-facing applications is particularly critical. That said, it can be time-consuming and applied inconsistently, and may break critical business applications as it seeks to repair others. Even seasoned experts like US-CERT sometimes fail to apply patches as necessary. With that in mind, Security Suite simplifies patch management with best practices, automated processes, fast deployment and no impact on users. In this release, the new Installed Patch Report provides an additional tool for timely, effective patching—offering easy access to data on installed patches and those that still must be applied.
Additionally, Security Suite can now help keep ransomware and other malware from modifying the master boot record and rendering the system useless.
Remediation. Detection and prevention are crucial, and in many cases highly effective, but organisations still need a plan in case ransomware executes on the network. Realistically, all it takes is one user who clicks the wrong link or downloads a malicious attachment in email to fall victim to an attack. Luckily, LANDESK Security Suite adds to the final piece of the protection puzzle. This latest release tackles the most widespread form of ransomware, which encrypts files and hides the critical decryption key before demanding ransom. Security Suite detects any attempt to encrypt files on the local machine, stops the encryption process, and notifies all other computers on the network so the ransomware cannot be unleashed on other users—effectively thwarting the attack.