Skip to main content

10 Essentials for Businesses in the Middle East to Stop Ransomware Cyber Attacks

By: Ashraf Sheet, regional director, Middle East and Africa at Infoblox

Ransomware is today the number one cyber threat to businesses. Since cyberextortion first appeared in 1989 as “PC Cyborg,” it has grown, evolved, and come into widespread use among hackers—and in 2017 it has fully come of age. Hundreds of new variations have sprung up this year. Ransomware is a relatively brazen attack where a malware infection is used to seize data by encrypting it, and then payment is demanded for the decryption key. There has been a seismic shift in the ransomware threat, expanding from a few actors pulling off limited, small-dollar heists targeting consumers to industrial-scale, big-money attacks on all sizes and manner of organizations, including major enterprises.

It’s not always about the money though. Some ransomware is not designed primarily to make you pay up, but instead to disrupt operations or wipe data from computer systems.

The Role of DNS in Ransomware Attacks

DNS is the address book of the Internet, translating domain names such as www.google.com into machine-readable Internet Protocol (IP) addresses such as 74.125.20.106. Because DNS is required for almost all Internet connections, cybercriminals are constantly creating new domains and subdomains to unleash a variety of threats including exploit kits, phishing, and distributed denial of service (DDoS) attacks.

Most modern malware used in a ransomware attack, uses DNS at one or more stages of the cyber kill chain. DNS may be used during the reconnaissance phase when it is a targeted attack. It is used in the delivery phase as potential victims unknowingly make DNS queries for IP address involved in the attack. It will also be used in the email delivery process when the ransomware propagates via spam campaigns. Likewise, the exploitation phase may involve DNS queries when the victim’s system is compromised and infected. DNS is frequently used when an infected system checks in with the command and control (C&C) infrastructure. Given that DNS plays such an important role in the ransomware kill chain, it becomes a crucial control plane to prevent, identify, and detect such attacks and resolve them faster.

Organizations in the Middle East can stop Ransomware with the following 10 essentials:

Watch your Back - Always backup your essential data.
Stay Current - Prioritize and apply the latest security updates and patches.
Segment for Safety - Limit spread of ransomware with network segmentation.
Get the Word Out - Train employees in safe email and Microsoft macros best practices.
Implement DNS Response Policy Zone (RPZ) - enforcement to prevent data exfiltration and block DNS communications with malicious sites and command and control servers.
Monitor DNS Requests - to identify suspicious DNS activity and to detect “kill switch” domains that can be used to disable some types of ransomware attacks (e.g., by redirecting requests to internal “sinkholes”).
Improve Visibility and Discovery - with tools that can detect unauthorized or compromised devices and virtual machines anywhere on your network so you can automatically block their access and ensure compliance.
Use Data from DNS, DHCP and IP Address Management - to gain valuable insights that help you see ransomware attacks in context so you can better understand risk and prioritize remediation.
Harness Threat Intelligence - consolidated, curated, and updated—to detect, prioritize, and anticipate evolving threats.
Integrate Security Response - to accelerate remediation by sharing threat data, malicious events, and context across entire security ecosystem including endpoint security, NAC, SIEM and other technologies.

Popular posts from this blog

Cloud Computing powering India’s priority of ‘Digital-first country’

By: Sunil Mahale, India MD and VP, Nutanix
Digital transformation has been recognized as being vital to the growth of our nation. This transformation has enjoyed the unanimous approval and contribution from all stake holders including enterprises, MSMEs, government bodies and citizens. But this level of adoption in a country with a population of over a billion people would need a robust technology base that is capable to collecting and distributing vital data seamlessly.
Digital India envisions creating high speed digital highways, that will impact commerce and create a digital footprint for every individual. Technologies based on mobility, analytics, Internet of things and most importantly, cloud technologies are the building blocks for the digital India missionThere is a growing need to manage huge volumes of data, and making them readily available to public through digital cloud services. Cloud has a pivotal role in enabling this change.
While Data centers have become crucial to th…

Semalt Expert Tells The Reasons Qualitative SEO Services Are Not Cheap

Just like the internet, Search Engine Optimization is constantly changing. Also, it's becoming more difficult to perform a good SEO as soon as Google is continuously improving the algorithm of ranking websites. SEO becomes more complicated so you should expect to pay more for hiring SEO specialists or agencies.
The leading Customer Success Manager of Semalt, Igor Gamanenko explains what factors force SEO services cost increase.
SEO Expertise
SEO has been undergoing the crucial changes and updates over the last 10 years. In the early days of SEO, Google only was caring about the technical aspect of your website, links and keyword metadata to rate you higher. The rating guidelines were quite easy: all you had to do was using some keywords in your metadata and more links than your competitors. This was enough to give you a higher ranking in search engines.
Today, the game has completely changed. Through semantics, Google has a better understanding of internet searches, so it can judg…

RevStart launches its RevItUp Incubation Programme

Underlining its vision of creating a nurturing ecosystem for start-ups to grow in, RevStart, a co-working and incubation centre, has announced the launch of its RevItUp Incubation Programme. The 12-week long programme will be held at RevStart Incubation Centre in Noida from July 1, 2018 onwards. As part of the programme, RevStart will select five high potential start-ups from the ed-tech sector, AI, Consumer Internet, Sustainability, as well as for-profit social impact companies to assist them with developing their business, along with connecting them to global mentors across industries and sectors. In addition, start-ups selected for the programme will receive INR 5 lakh to Rs. 25 lakhs worth of cash and benefits, while RevStart will get an equity stake in the ventures.
The RevItUp Incubation Programme has been created to enhance the founding team’s industry, product, and company building knowledge and capabilities through a world-class curriculum. The programme will focus on tailor…