Ransomware emerged as one of the biggest threats to PC users in 2017. To help ensure that 2018 doesn’t pose as much as a risk, PC security vendor IObit has added anti-ransomware functionality to the company’s solution, Advanced SystemCare Ultimate 11.
The endpoint protection and PC optimization software suite now boasts an anti-ransomware feature, preventing the damaging and potentially costly form of malware from holding victims’ files hostage. It also includes a 150 percent larger threat database, enabling it to detect and block a wider variety of malware.
“We have added a new anti-ransomware engine and enhanced the optimization engine to make our software more powerful in detecting and removing PC threats and achieving top PC performance,” said Bing Wang, marketing director at IObit, in a statement.
Other security-enhancing features include a FaceID function that detects unauthorized access based on a person’s facial features, capturing unapproved login attempts. Its System Reinforce utility can be used to lock down RDP (remote desktop protocol), UAC (User Account Control) and other Windows components that can exploited to compromise a user’s data.
In November, Sophos researchers sounded the alarm on attackers using RDP to spread ransomware.
Small businesses are particularly vulnerable because many rely on third-party IT contractors that use RDP to access their networks. Attackers use Shodan and other network search engines to find open RDP instances and then use NLBrute to launch a brute force attack before finally gaining access and creating new administrative accounts.
After establishing a firm foothold on a victim’s network, cybercriminals get to work.
“Because they’ve used their sysadmin powers to rig the system to be as insecure as they can, they can often use older versions of ransomware, perhaps even variants that other crooks have given up on and that are now floating around the Internet ‘for free,'” blogged Sophos’ Mark Stockley. “In one attack, we saw a folder on the desktop containing four different types of ransomware. The crooks ran each in turn until one of them worked.”
Ransomware can also slip past email filters. Last year a Barkly survey found that 77 percent of ransomware attacks evaded email filtering solutions. More than half of all attacks (52 percent) bypassed anti-malware products and that vast majority (95 percent) passed through firewalls.
Pedro Hernandez is a contributing editor at eSecurity Planet. Follow him on Twitter?@ecoINSITE.