{"id":7985,"date":"2017-06-19T11:00:25","date_gmt":"2017-06-19T19:00:25","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2017\/06\/19\/news-1766\/"},"modified":"2017-06-19T11:00:25","modified_gmt":"2017-06-19T19:00:25","slug":"news-1766","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2017\/06\/19\/news-1766\/","title":{"rendered":"Ransomware &amp; Advanced Attacks: Servers are Different"},"content":{"rendered":"<p><strong>Credit to Author: Steve Neville| Date: Mon, 19 Jun 2017 17:55:19 +0000<\/strong><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"300\" height=\"152\" src=\"http:\/\/blog.trendmicro.com\/wp-content\/uploads\/2017\/06\/erebus-300x152.jpg\" class=\"webfeedsFeaturedVisual wp-post-image\" alt=\"\" style=\"float: left; margin-right: 5px;\" srcset=\"http:\/\/blog.trendmicro.com\/wp-content\/uploads\/2017\/06\/erebus-300x152.jpg 300w, http:\/\/blog.trendmicro.com\/wp-content\/uploads\/2017\/06\/erebus-768x389.jpg 768w, http:\/\/blog.trendmicro.com\/wp-content\/uploads\/2017\/06\/erebus-640x324.jpg 640w, http:\/\/blog.trendmicro.com\/wp-content\/uploads\/2017\/06\/erebus-900x456.jpg 900w, http:\/\/blog.trendmicro.com\/wp-content\/uploads\/2017\/06\/erebus-440x223.jpg 440w, http:\/\/blog.trendmicro.com\/wp-content\/uploads\/2017\/06\/erebus-380x193.jpg 380w, http:\/\/blog.trendmicro.com\/wp-content\/uploads\/2017\/06\/erebus.jpg 1022w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/p>\n<p><a href=\"http:\/\/www.trendmicro.com\/vinfo\/us\/security\/definition\/ransomware\">Ransomware<\/a>\u00a0and other advanced attacks are the scourge of the modern IT security team. If allowed to gain access to your IT environment, these attacks could shut down the organization, denying access to mission critical applications &amp; data for potentially days, or even indefinitely. The result? 
The disruption of service delivery, lost productivity and a hefty hit to reputation and profits.<\/p>\n<p>While traditionally thought of as an endpoint issue \u2013 <a href=\"http:\/\/www.csoonline.com\/article\/3077434\/security\/93-of-phishing-emails-are-now-ransomware.html\">93 percent of phishing emails are now ransomware<\/a> \u2013 the reality is that ransomware and other advanced attacks are also focused on your servers. The combination of instantly available infrastructure via the public cloud and the increasing velocity of application delivery to create competitive advantage has made servers an important target for cybercriminals.<\/p>\n<p>Servers are different than a traditional endpoint: the applications and operating systems that run enterprise workloads in the data center, in the cloud, and in containers can be extremely dynamic, making the approach to security different.<\/p>\n<p>A recent Gartner report states that <strong>\u201cServer workloads in modern hybrid data centers use private and public cloud computing and require a protection strategy different from end-user-facing devices. Security and risk management leaders should use risk-based models to prioritize evaluation criteria for cloud workload protection platforms.&#8221;<\/strong>\u00a0&lt;Source: Gartner, \u201cMarket Guide for Cloud Workload Protection Platforms\u201d, March 2017 G00302941 &gt;<\/p>\n<p><strong>The fundamentals still matter \u2013 get patched<\/strong><\/p>\n<p>Servers are workhorses of the enterprise, driving your business forward and supporting your most valuable data; it\u2019s only natural that the bad guys are heading straight for this part of the IT infrastructure, whether it\u2019s in the data center or in the cloud. 
Ransomware &amp; advanced attacks are being created to take advantage of vulnerabilities found on servers, including the recent <a href=\"http:\/\/blog.trendmicro.com\/wannacry-reality-of-patching\/\">WannaCry<\/a> ransomware, which leveraged a Microsoft Windows SMB vulnerability to inject itself onto servers and endpoints. Not to be left out, <a href=\"http:\/\/blog.trendmicro.com\/linux-is-secureright\/\">Linux servers<\/a> \u2013 the <a href=\"http:\/\/thecloudmarket.com\/stats#\/by_platform_definition\">dominant server for public cloud<\/a> workloads \u2013 are also being targeted, with the recent <a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/news\/cyber-attacks\/erebus-linux-ransomware-impact-to-servers-and-countermeasures\">Erebus attack<\/a> that had a serious impact on a large web hosting firm (and their 3,400 customers!) in South Korea.<\/p>\n<p>Patching is never easy, but no IT security professional can deny the importance of patching. Modern IT environments are complex systems which require IT departments to manage multiple disparate patching processes, including new approaches like <a href=\"https:\/\/www.trendmicro.com\/aws\/blue-green-deployment\/\">blue-green deployments<\/a>. For mission critical systems, patches are sometimes delayed because organizations simply can\u2019t afford the downtime needed to test and roll out fixes. It\u2019s estimated that it takes enterprise firms approximately <a href=\"https:\/\/www.whitehatsec.com\/info\/website-stats-report-2016-wp\/\">250 days for IT and 205 days for retail businesses to fix the software flaws<\/a> in their enterprise applications. It only takes one exploit to get through for your organization to hit the headlines as the next major ransomware victim. 
In addition, for either operational or financial reasons, close to two years after end of life many organizations are still running <a href=\"http:\/\/blog.trendmicro.com\/are-you-ready-for-windows-server-2003-end-of-support-trend-micro-is\/\">Windows 2003<\/a>, which means no patches are available and mitigation strategies \u2013 often expensive \u2013 have to be in place or the risk of exposure goes up exponentially.<\/p>\n<p><strong>Hybrid cloud is complicated<\/strong><\/p>\n<p>The hybrid cloud includes physical, virtual, cloud and container workloads, with new technologies like <a href=\"https:\/\/www.trendmicro.com\/aws\/devops-chat-hybrid-cloud\/\">serverless functions and processes like DevOps<\/a> introducing new complexity in the way that your organization operates. While embracing new technologies to gain benefits like increased agility and rapid application delivery makes good business sense, the reality is that existing architectures also need to be maintained and secured at the same time. If this means that you have accumulated multiple tools along the way to the hybrid cloud, you are probably feeling significant pain just keeping everything running!<\/p>\n<p>Unfortunately, this complexity can also leave gaps \u2013 who isn\u2019t too busy to get everything done, right? \u2013 which cybercriminals are only too ready and willing to exploit. You might have put in place perimeter security, for example, but what if a compromised endpoint accesses a vulnerable file server? Then you have an attack which started inside the network, bypassing traditional security controls. And of course, there is <a href=\"https:\/\/www.trendmicro.com\/aws\/host-based-security\/\">no perimeter in the cloud<\/a>\u2026so what then?<\/p>\n<p><strong>Layered security is the right answer<\/strong><\/p>\n<p>The answer lies in advanced server security solutions like <a href=\"http:\/\/www.trendmicro.com\/hybridcloud\">Trend Micro Deep Security<\/a>. 
It\u2019s been designed to protect workloads across physical, virtual, cloud and container environments with host-based security to shield servers from a wide range of threats including ransomware. Having one product with multiple controls is a great way to both increase security and reduce operational overhead. Powered by <a href=\"http:\/\/trendmicro.com\/xgen-server\">XGen\u2122 Security<\/a>, Deep Security includes a range of cross-generational security techniques that can help stop ransomware from hitting your enterprise servers, enabling you to easily:<\/p>\n<table>\n<tbody>\n<tr>\n<td width=\"20px\"><\/td>\n<td>\n<ul>\n<li>Stop network attacks and shield vulnerable applications &amp; servers, leveraging Intrusion Prevention (IDS\/IPS) and firewall techniques;<\/li>\n<li>Lock down systems and detect suspicious activity on servers, using techniques like application control and integrity monitoring that have been optimized for the hybrid cloud; and<\/li>\n<li>Prevent malware and targeted attacks from successfully infiltrating your servers, leveraging proven anti-malware and advanced techniques like behavioral analysis &amp; sandboxing<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n<tr>\n<td height=\"10px\"><\/td>\n<td><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>With <a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/research-and-analysis\/threat-reports\/roundup\">752 percent growth in the number of ransomware families in 2016<\/a>, the black hats have found a way to generate enough revenue \u2013 <a href=\"http:\/\/www.csoonline.com\/article\/3154714\/security\/ransomware-took-in-1-billion-in-2016-improved-defenses-may-not-be-enough-to-stem-the-tide.html\">$1B in 2016<\/a> \u2013 to invest significant resources in rapidly evolving their attack strategies. 
With servers at the center of the enterprise, it\u2019s clear that you need a strategy that both secures workloads wherever they might be \u2013 physical, virtual, cloud, containers \u2013 and aligns with the need for business agility that modern technology enables.<\/p>\n<p>Find out more about how Trend Micro can help at <a href=\"http:\/\/www.trendmicro.com\/hybridcloud\">www.trendmicro.com\/hybridcloud<\/a>.<\/p>\n<p><a href=\"http:\/\/blog.trendmicro.com\/ransomware-advanced-attacks-servers-different\/\" target=\"bwo\" >http:\/\/feeds.trendmicro.com\/TrendMicroSimplySecurity<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Steve Neville| Date: Mon, 19 Jun 2017 17:55:19 +0000<\/strong><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" width=\"300\" height=\"152\" src=\"http:\/\/blog.trendmicro.com\/wp-content\/uploads\/2017\/06\/erebus-300x152.jpg\" class=\"webfeedsFeaturedVisual wp-post-image\" alt=\"\" style=\"float: left; margin-right: 5px;\" srcset=\"http:\/\/blog.trendmicro.com\/wp-content\/uploads\/2017\/06\/erebus-300x152.jpg 300w, http:\/\/blog.trendmicro.com\/wp-content\/uploads\/2017\/06\/erebus-768x389.jpg 768w, http:\/\/blog.trendmicro.com\/wp-content\/uploads\/2017\/06\/erebus-640x324.jpg 640w, http:\/\/blog.trendmicro.com\/wp-content\/uploads\/2017\/06\/erebus-900x456.jpg 900w, http:\/\/blog.trendmicro.com\/wp-content\/uploads\/2017\/06\/erebus-440x223.jpg 440w, http:\/\/blog.trendmicro.com\/wp-content\/uploads\/2017\/06\/erebus-380x193.jpg 380w, http:\/\/blog.trendmicro.com\/wp-content\/uploads\/2017\/06\/erebus.jpg 1022w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/>Ransomware\u00a0and other advanced attacks are the scourge of the modern IT security team. If allowed to gain access to your IT environment, these attacks could shut down the organization, denying access to mission critical applications &#38; data for potentially days, or even indefinitely. The result? 
The disruption of service delivery, lost productivity and a hefty&#8230;<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10378,10413],"tags":[3765,714],"class_list":["post-7985","post","type-post","status-publish","format-standard","hentry","category-security","category-trendmicro","tag-ransomware","tag-security"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/7985","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=7985"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/7985\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=7985"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=7985"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=7985"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}