Written by: Daniel Haurey on 04/09/16

Image Vulnerability

Many businesses have built digital fortresses around themselves in the form of firewalls, a reassuring name that suggests a high level of protection. So it’s alarming that ransomware attacks seem to be skirting this important security layer with ease, stopping businesses in their tracks and incurring hundreds or thousands in damages. One recent attack infiltrated users via Adobe Flash.

In a recent report, researchers identified more than 4 million samples of ransomware in the second quarter of 2015 — 1.2 million of them new strains.

The problem is that many firewalls in current use don’t keep ransomware out. Unlike their brick and mortar namesakes, digital firewalls must be constantly maintained and updated be effective. Older firewalls are not, and were never designed to combat the strategies behind ransomware. A key flaw is that they look at facts, not behavior: (e.g.) What kind of traffic is this and do we want it?
red button

But it is in patterns of unusual behavior that ransomware attacks show themselves. In one common tactic, attackers hack a well-trafficked and trusted site and embed a piece of code. When one of your users visits, they get redirected to a site that downloads their code onto the user’s workstation. It then sets out for find the “control and command” center on your network and communicates back to its originator that it has gotten inside your system. The attackers then take over your IT environment. Old firewalls let this code right into your system because it’s ostensibly coming from a legitimate source.

This means every company with older firewalls is vulnerable to ransomware attacks, and you don’t have to be big or noticeable to be vulnerable. Hackers have automated their processes and will exploit any target they can infiltrate.

Next-gen firewalls are far more effective in protecting businesses against ransomware and a host of other threats, using:

  • IP filters: This prevents bad traffic from sources or countries you are unlikely to do business with, but where many attacks originate.
  • Complete Global Management: The firewall evaluates traffic by reputation, geography, botnet behavior, and so on. They can even block a particular subscriber on YouTube while allowing others.
  • Active Monitoring: An IT service provider’s security techs actively evaluate traffic to spot new patterns or identify where exceptions are needed, and can share this information across other customers with ease.

Unfortunately, older-style stateful only firewalls are still in place at many businesses. That’s understandable, because next-gen firewalls can be more expensive.  Security is a moving target, and we believe a managed, next-gen firewall is one of the most important tools you can have to keep your business safe.

Thanks for reading our blog. For a limited time, we are offering a complimentary vulnerability consultation, up to a $1,200 value. We will review your firewall and assess your risks, so you can avoid expensive downtime.