WatchGuard Blog

Understanding the Evolution of Ransomware

As ransomware attacks have become more targeted and dangerous, protecting your business from them is imperative. New attacks focus on high-value victims, demand larger ransoms, and have grown more advanced and difficult to prevent. In early 2020, a new ransomware strain named Maze stole data from infected machines before locking them, giving the ransomware authors an additional revenue stream.

WatchGuard’s Technical Product Manager Ricardo Arroyo recently wrote a guest article for Cyber Defense Magazine explaining the evolution of ransomware, why victims should never pay the ransom (short answer: because there’s no guarantee you’ll get your data back) and how companies and individuals can protect their information. Here is an excerpt:

Layered security is still important. Companies should secure their gateways with next-gen antivirus, intrusion prevention, DNS and URL filtering, and deep packet inspection. Credentials should be secured with multifactor authentication and endpoints should have up to date EPP and EDR solutions and be fully patched. To address ransomware directly, EPP or EDR solutions should have capabilities targeted at preventing ransomware, and organizations should also back up their critical files frequent…If you have gateway or endpoint security solutions that support DLP, you might consider activating them to prevent your precious PII from being transmitted to the criminals.

Read Ricardo’s full article in Cyber Defense Magazine here, and learn more about ransomware attacks like Mailto and MedusaLocker today.