#Petya #WannaCry; Lessons Learned?

Here we go again. Just a different name. #Petya, #Wannacry not much difference in the mass damage they have caused. We are all abundantly aware. #wannacry Ransomware has now been reported in more than 150 countries around the globe, affecting hundreds of thousands of machines and more than 10,000 companies. WannaCry spreads by taking advantage of a Windows vulnerability, which was patched by Microsoft in March. #petya has run rampant destroying airline timetables and paralyzing shipping companies, generally massively disrupting major industrials and organizations. It was last month’s news. It is yesterday’s news. But, we are already onto the next. But have we learnt the lessons? Are we truly ready for the next Ransomware attack?

It is clear that the growth of multiple types of Ransomware attacks is accelerating, as seen with WannaCry. Research shows that 50% of companies will experience a Ransomware attack within a year. It’s important to understand that these type of attacks whether they originate from Ransomware or other attack vectors, can cause massive damage to any organization.

In most cases, we should be very clear, that the the IR (incident response) team – will be absolutely helpless 

In this blog, you’ll learn about YazamTech’s method to help organizations that are infected with Ransomware, APT’s or other kind of sophisticated attacks, and how to be fully protected while using our SelectorIT solution.

YazamTech is an innovator of a comprehensive cyber security range of File Stream Filtering Solutions. YazamTech’s proprietary products Manage & Control the risks of Advanced Threats, both known and unknown, with minimal effect on the File Stream Activity, Business Continuity and an Optimal User Experience.

YazamTech products are targeted to the Medium and Large Enterprises and to organizations that have to protect their networks and assets against malicious incoming files, from all sources (emails, browsing, FTP etc) that penetrate the network and the leakage of outgoing files which flow out via a variety of mediums, including: E-mail, browsing, file transfer, file system, removable media, and more.

YazamTech’s solutions provide the security administrator with the autonomy to determine a recursive process. YazamTech provides the ability to: Analyse the original data files, Remediate their content and Synthesize clean new files.

YazamTech can help to:

1. Identify the primary infector (Either a SPAM email with malicious hyperlink or infected file attachment) and send an immediate alert to the SOC/SIEM.
2. Remediate the problem using many types of actions for the IR team to choose: Block/ remove / reset unwanted embedded files and objects. The IR team might decide to send the suspicious file into quarantine mode.
3. Synthesize – Rebuild / renew / reassemble new filtered files – The IR team might decide to clean the file and bring it back to a pre-infected stage, using YazamTech’s technology.

YazamTech provides a legitimate and inevitable cyber security layer that every IR team will need, that will need to be implemented sooner rather than later.

YazamTech provides Data Sanitization and Laundering for Deep Content Filtering. YazamTech technology provides protection against various modern threats: APT (Advanced Persistent Threats), Zero Day Attacks, Ransomware and Data Leakage (visible and hidden).

Let’s not wait for the next round.