Ransomware gangs get by your antivirus software. Then they hide what they are doing to your priceless files.
As reported by Bill Toulas in BleepingComuter:
Ransomware gangs are actively promoting intermittent encryption as a feature of the software they sell to other cyber criminals on the underground web.
By encrypting just 50% of each file, they can escape the attention of many antivirus defenses.
Cybercriminals keep innovating. What can we do about it? Our defenders can keep innovating, countering the moves made by the thieves. But beyond defensive adaptions, cybersecurity companies offer Endpoint Detection and Response (EDR) technologies.
EDR services assume that attackers will penetrate our defenses and seek to create footholds in our computers and servers. In these footholds, the attackers can bide their time and gradually inspect our systems, encrypt files, and spy on our activities.
In response, the EDR services constantly monitor the places that malware can hide out and watch for changes. When an attacker breaches our defenses and drops payload on our systems, EDR can detect the changes and sounds an alert. The EDR Security Operations Center monitors these alerts, carefully distinguishing false alarms from real threats.
Interested in EDR? Give us a call at 952.922.1120 or send us an email...