Stopping Ransomware Using Deception

Nathan Studebaker

deception.jpg

Deception technology is prime for a comeback in 2017, and here are two big reasons why:

That’s right, Billion, with a B. Preventative solutions like firewalls, anti-malware, and patching aren’t doing enough to reverse these trends. Businesses will need to implement solutions that address the ‘average time to detection problem,' and the ransomware problem. The most direct approach to solving these problems is by using deception technology.

In today’s article, we’ll talk about deception technology, and it’s role in cyber security and anti-ransomware solutions.

Take Away the AdvantageWhite-Mouse-And-Cheese.jpg

Often the best answer is a simple answer, so we’ll use a straightforward example. Let’s say you’re a mouse. You find your way into a new house, and eventually, you find the kitchen. To your amazement, the kitchen is filled with delicious cheeses. I am talking about cheddar, swiss, gouda, harvarti, the works! You’re in mouse heaven for 205 days as you consume whatever cheese your belly can handle. At the end of the 205 day feast, you realize that you need a little break from all the eating. But you also don’t want to share any of the leftover cheese with anyone else. So you put all the remaining cheese into a locked safe, and you leave a little note, which says that if anyone wants access to the cheese, they have to pay you in cash first. This is your cheese now, no-one else can have it!

Now let’s use the same example again, but this time, we’ll incorporate deception. You, the little mouse, find your way into a house and into the kitchen. The kitchen is filled with all sorts of cheese. Right away you devour some smoked gouda, and then from the corner of your eye, you spot the largest block of cheddar cheese you’ve ever seen. You waste no time and scurry over to the giant block of cheddar, and without hesitation, you dive in, nose first. Your mouth is open, and you're about to take your first bite when…BAM! It’s lights out for this little mouse. That large block of cheddar cheese that you so badly wanted was actually a mouse trap. See, the owners of the house are clever, and they know that some little mouse would try and eat all their cheese. So they placed traps, all throughout their kitchen so that any hungry mouse that came by was doomed.

This is a simplified example, but I think you get the picture.

In a Nutshell

That’s deception technology in a nutshell. You take away the hackers ability to probe and pilfer the network undetected. Hackers, like little mice, are going to get in. But they only really become a problem when you don’t have a trap set. In the case of ransomware, the trap is called Cryptostopper.

2016-11-15 Stopping Ransomware Webinar.pngRansomware Has a Major Flaw

The key to stopping ransomware isn’t about identifying Tor or Blockchains, nor is it about file extension changes, signatures, or IOCs. The key to stopping ransomware is the encryption process. Just ask yourself, what does all ransomware have in common? They encrypt data!

At WatchPoint we created CryptoStopper, which builds on this principle of monitoring for signs of encryption. Instead of only focusing on elements of detection, we wanted to take a strength of ransomware and turn it into a weakness. That’s what we’ve done with CryptoStopper, and just like a mousetrap, CryptoStopper uses deception.

Summary

Deception is as old as time, from the Garden of Eden to Sun Tzu, and even in WWII where the United States military used dummy tanks to deceive Hitler and his army. Deception has been used over and over again because it’s a tried and true method.

Enter CryptoStopper. The concept is simple; you’re setting an unavoidable trap for ransomware. By seeding the network with bait files, you’re giving ransomware the very thing it’s been looking for, files to encrypt. Set the trap and exploit the weakness of ransomware. Download CryptoStopper today.

Share this: