
The Need to Get Proactive in the Fight Against Ransomware

April 15, 2016

Ransomware attacks are more than just a nuisance. They can hurt productivity across a business, and they raise the question of whether we can ever escape the threat of a ‘zero-day’ attack.

The recent hit to three hospitals in the US only serves to highlight the very real threat to any form of business that cannot afford network downtime (and is, as a result, more likely to pay the ransom to get back up and running). It only takes one staff member to open an infected attachment before the malware travels swiftly across the network, locking up computers and file servers and holding them hostage to the hackers.


It is important to remember that the attack on the US hospitals is not an isolated incident. Thinking back to January, Lincolnshire County Council were in much the same situation. As a result of a ransomware attack, all IT systems were taken down, affecting them for days with the added embarrassment of a very public impact on their reputation.

Many are predicting that the number of ransomware attacks will grow in 2016. In fact, a report from McAfee Labs suggests that advanced software is making it easier to threaten a wider range of data and, as a result, hackers can turn their attention to more companies.

The prominent question now is not whether a business can avoid becoming a target, but how it can prevent infection or limit the effects.

Traditional antivirus comes with its own problems, from slowing down devices to finding only a small proportion of viruses. However, many will stick with it as a box-ticking exercise and a necessary evil, in the hope that it will help them to avoid an attack.

But traditional AV doesn’t work. When weighing up the options for protection against ransomware, there is a very exciting alternative proposition that has now matured into a very efficacious solution. Relying on technologies that must let malware execute before they can detect and respond to it is an unnecessary approach.

‘Next Generation’ endpoint malware detection and prevention is now rising to prominence in the UK. Early adoption of such technologies is vital to prevent establishments being held hostage.

By using artificial intelligence, it is possible to identify and prevent known and unknown threats from ever executing or impacting your endpoints. By using predictive mathematics, the need for daily updates is removed. That means no daily scans, and no hit to CPU performance. After installation, it will carry out a one-off check on all existing files for malware, rather than having to wait for the malware to fire in order to discover it.

I have been involved in the technology sales industry since the mid-90s and have scarcely been more excited about the emergence of a new technology. My reaction to Cylance has been mirrored by almost everyone I have spoken to about the technology: "That's too good to be true!" So we tested it!

We have removed AV from our own network and have been running Cylance on all our endpoint devices (and servers!) since the start of this year and have been delighted by the results.


Written by Martin Jones @ LAN3