• TREND MICRO
  • ABOUT
Search:
  • Latest Posts
  • Categories
    • Android
    • AWS
    • Azure
    • Cloud
    • Compliance
    • Critical Infrastructure
    • Cybercrime
    • Encryption
    • Financial Services
    • Government
    • Hacks
    • Healthcare
    • Internet of Everything
    • Malware
    • Microsoft
    • Mobile Security
    • Network
    • Privacy
    • Ransomware
    • Security
    • Social Media
    • Small Business
    • Targeted Attacks
    • Trend Spotlight
    • Virtualization
    • Vulnerabilities
    • Web Security
    • Zero Day Initiative
    • Industry News
  • Our Experts
    • Ed Cabrera
    • Rik Ferguson
    • Greg Young
    • Mark Nunnikhoven
    • Jon Clay
    • William “Bill” Malik
  • Research
Home   »   Security   »   Combatting Ransomware with Trend Micro Endpoint Solutions: New Capabilities

Combatting Ransomware with Trend Micro Endpoint Solutions: New Capabilities

  • Posted on:August 19, 2015
  • Posted in:Security, Small Business
  • Posted by:
    Andrew Stevens
0

Ransomware attacks—in which malware attempts to encrypt your critical data files, and demands payment in exchange for the encryption key—are a growing problem for businesses of all sizes.  In fact, Crypto-ransomware variants—ransomware that uses advanced techniques to avoid detection—are on the rise, accounting for more than a third of all ransomware types found in infected systems in the third quarter of 2014.

 

Backup not enough

A complete defense against ransomware must include a good backup strategy. However, even when you can re-image quickly using cloud backup systems, you can’t avoid some operational disruption. Far better to detect and eliminate crypto-ransomware before it can affect your data.

The limits of signature matching

Signature-matching technology continues to be a central element of Trend Micro endpoint defense, accounting for more than 1.4 billion blocked items per month. Signatures are a very high performance method to swat away known malware. However, in the era of advanced malware (including crypto-ransomware), signature matching by itself can’t protect you completely.

OfficeScan anti-ransomware capabilities

For several years, Trend Micro™ OfficeScan™ has gone beyond signature matching with advanced behavioral monitoring, memory inspection other next generation techniques to spot malware. OfficeScan v11 SP1, augments these techniques with improved ransomware-specific enhancements. OfficeScan now uses all of the following anti-ransomware capabilities:

  • Minimize false positives with cloud and local whitelists to leave known good processes alone.
  • Block recognizable malware using existing prevention/detection layers (at the file level with signature or smaller fragments based on unpacking/memory inspection).
  • Improve risk assessment by correlating findings on unknown items with data from the Trend Micro™ Smart Protection Network™ (SPN) global threat intelligence system. If an item is unknown to SPN or has only been seen very rarely, it is flagged as more suspicious.
  • Detect hidden malware activity with behavior-monitoring techniques that spot patterns of unusual or malicious activity. To better spot crypto-ransomware, OfficeScan now specifically watches for unknown processes encrypting or modifying files. Plus, we continually update the behavioral patterns in order to improve ransomware detection rates even more.
  • Kill ransomware processes and quarantine affected endpoints instantly, to dramatically minimize data loss and reduce or block spread of the ransomware.
  • NOTE: Trend Micro is responding with new advanced capabilities that enhance endpoint protection against these ransomware attacks. (Download the latest anti-ransomware patches for OfficeScan™ v11 SP1, Worry-Free™ Standard/Advanced v9.0 SP2, and Worry-Free™ Services here.)

Application whitelisting  

Trend Micro Endpoint Application Control gives you an additional layer of protection on endpoints. Whitelisting capabilities help prevent unwanted and unknown applications (like ransomware and zero-day malware) from executing. You deploy policies that only allow your trusted applications and block all untrusted files/applications. If you purchased one of the Trend Micro Smart Protection Suites, you may already have the license for this protection—be sure you’ve activated it. 

Anti-ransomware with Trend Micro email gateway security

Trend Micro™ Hosted Email Security and Trend Micro™ InterScan™ Messaging Security Virtual Appliance, our cloud-based and on-premises email gateway security solutions, both filter malicious and spam email before it hits your corporate network.

In addition, both solutions provide advanced capabilities to detect ransomware:

  • Spot document exploits and zero-day threats with the Advanced Threat Scan Engine, which combines pattern-based and heuristic scanning.
  • Safely analyze suspicious documents by executing in a sandbox environment (included in Hosted Email Security and optional with InterScan Messaging Security Virtual Appliance). 

Connected Threat Defense

Our endpoint solutions integrate with Trend Micro™ Deep Discovery network breach detection, which uses a custom sandbox environment to safely execute suspicious samples (ransomware, zero-day malware, and others) detected by the network, web, or email gateways. If sandbox analysis discovers malicious code, Deep Discovery rapidly responds by delivering real-time signature updates to your endpoints. Local threat detection and response enables faster time-to-protection and reduces the spread of ransomware and other malware in your organization.

Clean up your systems

In the event of a successful attack, Trend Micro provides cleanup tools that remove the malware and prevent its spread to other endpoints.

Related posts:

  1. Trend Micro Redefines Endpoint Security with Apex One™
  2. AV-Test: Trend Micro Maintains Top Spot in Endpoint Protection
  3. Trend Micro Highest Among Leaders in the 2017 Gartner Magic Quadrant for Endpoint Protection Platforms
  4. Fighting Ransomware with Trend Micro Security 10 and the Trend Micro Anti-Ransomware Tool

Security Intelligence Blog

  • Our New Blog
  • How Unsecure gRPC Implementations Can Compromise APIs, Applications
  • XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits

Featured Authors

Ed Cabrera (Chief Cybersecurity Officer)
Ed Cabrera (Chief Cybersecurity Officer)
  • Ransomware is Still a Blight on Business
Greg Young (Vice President for Cybersecurity)
Greg Young (Vice President for Cybersecurity)
  • Not Just Good Security Products, But a Good Partner
Jon Clay (Global Threat Communications)
Jon Clay (Global Threat Communications)
  • This Week in Security News: Ransomware Gang is Raking in Tens of Millions of Dollars and Microsoft Patch Tuesday Update Fixes 17 Critical Bugs
Mark Nunnikhoven (Vice President, Cloud Research)
Mark Nunnikhoven (Vice President, Cloud Research)
  • Twitter Hacked in Bitcoin Scam
Rik Ferguson (VP, Security Research)
Rik Ferguson (VP, Security Research)
  • The Sky Has Already Fallen (you just haven’t seen the alert yet)
William
William "Bill" Malik (CISA VP Infrastructure Strategies)
  • Black Hat Trip Report – Trend Micro

Follow Us

Trend Micro In The News

  • Advanced Cloud-Native Container Security Added to Trend Micro's Cloud One Services Platform
  • Trend Micro Goes Global to Find Entrepreneurs Set to Unlock the Smart Connected World
  • Winners of Trend Micro Global Capture the Flag Demonstrate Excellence in Cybersecurity
  • Companies Leveraging AWS Well-Architected Reviews Now Benefit from Security Innovations from Trend Micro
  • Trend Micro Announces World's First Cloud-Native File Storage Security
  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © 2017 Trend Micro Incorporated. All rights reserved.