Ransomware protection

Ransomware is a form of malicious programme used by criminals to extort money by locking and encrypting your business devices and data.


What is ransomware?

Ransomware is a type of harmful programme that hijacks control of a business's or individual user's computer, device or data, then demands payment to restore normal access to the ransomed content or system. Ransomware typically exploits software vulnerabilities and human behaviour to gain access to your business endpoints or network.

Main types of ransomware

There are two main types of ransomware commonly seen today:

  • Crypto-ransomware will encrypt files on a computer, essentially 'scrambling' the file contents so that the user can't access them without a decryption key that can correctly 'unscramble' them. A ransom payment is demanded in return for the decryption key.
  • "Police-themed" ransomware will try to cloak its actions by appearing to be a warning from a local law enforcement authority, supposedly for possessing materials that are illegally downloaded, pornographic or otherwise contraband. The ransom demand is described as "payment of a fine", or similar.

Financial impact of ransomware

Ransomware is one of the most prominent cyber threats today and has attracted attention in the mainstream media in the last few years as major corporations and governments reported being compromised by the threat. Costs of ransomware vary depending on the size of the attacked business and the severity of the breach, but the cost of recent ransomware attacks to individual businesses is measured in the millions of dollars.

Financial impacts on the business:

  • Disruption in business operations
  • Remediation costs
  • Potential long-term damage if encrypted data is not recovered
  • Amount of ransom paid

Stop ransomware in its tracks with F-Secure Elements Endpoint Detection and Response

Well-prepared organisations use a preventive layer like endpoint protection platforms to block commodity malware threats such as ransomware, which prevents most malicious code execution in the target environment. However, advanced attackers are able to remain undetected by using low and slow attacks, eventually finding a way around the preventive layer. This is where F‑Secure Elements Endpoint Detection and Response comes into the picture.

Main Features of F-Secure Elements EDR

  • Broad Context Detection™: flags indications of possible breaches by alerting admins to Tactics, Techniques and Procedures (TTPs) used in targeted attacks, from abnormal activity of standard programmes to the running of unexpected scripts. Some detections may require deeper analysis and guidance by specialised cyber security experts. To address this, the “Elevate to F-Secure” service alerts F-Secure analysts immediately and provides them with access to the incident data to help you to solve the case.
  • F-Secure Security Cloud: F-Secure Labs analysts actively monitor the threat landscape for new threats and research the most effective ways to detect ransomware. Their findings go into updates to the rules used by the databases and analysis systems. The updates then take 60 seconds to replicate across all products connected to the Security Cloud, ensuring that they always have the latest threat intelligence.