In an indicator of just how large a threat ransomware has become, Trend Micro has launched a multifaceted ransomware practice.
The company said that it has blocked more than 100 million ransomware threats for their customers in the last six months alone, with 99% of threats blocked from email and web traffic. Against this backdrop, it has debuted a suite of new offerings: Ransomware Readiness Assessment, which helps businesses of all sizes understand vulnerabilities in their security posture, and provides concrete actions they can take; Ransomware Hotlines, which provide advice on ransomware prevention and recovery to all US consumers and Trend Micro U.S. business customers; and Ransomware Removal Tools that help both consumers and businesses that have been impacted by ransomware recover their data.
“Trend Micro is actively assessing the threat of ransomware and acting to protect against it,” said Eva Chen, CEO of Trend Micro. “We understand this pervasive form of cyberattack can be debilitating to enterprises, regardless of size or industry, and can cause grave amounts of stress and costs to consumers. Trend Micro business and consumer products have been tuned to deliver the best protection against ransomware. Our ransomware recovery tools and phone hotlines leverage the threat expertise within Trend Micro to deliver always-on support and help customers to prepare for the possibility of an attack, or quickly if they’ve already been hit.”
It’s also made product enhancements to bolster ransomware protection across four key layers of security:
Email: deeper inspection than traditional email gateways for both on-premise and cloud-based email, such as Microsoft Office 365. This detects and blocks spear phishing emails and attachments or URLs that carry ransomware—the most common way ransomware infects an organization.
Endpoint: endpoint protection capabilities to detect and block ransomware, including the shielding of unpatched vulnerabilities, application control and behavior monitoring to keep an eye out for suspicious activity such as encryption of multiple files, with the ability to halt encryption in its tracks and isolate the infected endpoint.
Network: continual monitoring of the enterprise networks with advanced detection capabilities and custom sandboxing across all traffic, ports and protocols to stop ransomware from infiltrating and spreading.
Server: Trend Micro protects servers, whether physical, virtual or in the cloud, with suspicious activity detection and prevention, vulnerability shielding to stop ransomware from exploiting known server software vulnerabilities and lateral movement detection to prevent ransomware from spreading to other servers.
“The bottom line is that it’s more important than ever to have a multi-layered approach to security for enterprises,” said Doug Cahill, senior analyst covering cybersecurity at ESG.
Photo © DD images