On May 12 of 2017, the WannaCry ransomware struck across the globe, encrypting computers by exploiting a critical vulnerability in Windows, first discovered by the US National Security Agency. Among its first targets were the British National Health Service, Federal Express, and Telefonica, but soon banks, schools, hospitals, government agencies and other organizations were infected, involving some 230,000 computers in 150 countries, as reported in Wikipedia’s WannaCry Ransomware Attack.
The unexpected widespread damage and economic costs of WannaCry had everyone from IT managers to everyday users anxiously asking: just how do you protect yourself, at work or at home, from attacks by unknown ransomware? Apart from keeping your computer updated with the latest security patches (which would have helped in this case), is there a single surefire security technology that can stop it in its tracks, before it infects you and holds you hostage? And more specifically (for the purposes of this article), how does Trend Micro Security (TMS), our flagship product for PCs, protect you from such threats?
Layered Protection in Trend Micro Security
Trend Micro provides plenty of advice online to help you protect yourself from ransomware. You can get a leg up on good defense by re-reading Christopher Budd’s Ransomware: What it is, why you should care, what you can do to protect against it, published last year on Simply Security. And you can go to our ransomware page Don’t let criminals hold your computer hostage for more facts and tools to address the challenges. But you need to know right away that there’s actually no single, surefire type of security technology that, by itself, can protect you from ransomware and other malware threats. The best endpoint protection is always delivered in layers, using multiple protective techniques.
Trend Micro Security is an outstanding example of this—and two of its newest protective techniques include XGen (cross-generational) machine learning and trusted application protection, delivered across several protective layers. Machine learning stops never-before-seen threats that can evade signature-based protection, allowing TMS to stay one step ahead of the bad guys. Trusted application protection in TMS’ Folder Shield stops changes in protected folders and files by unauthorized applications—those not in the trusted application list. Both enhance TMS’ ability to stop unknown malware and ransomware.
But what do we mean by layered protection? If you picture a king or queen in a castle (you and your computer!) protected by a moat, walls, and soldiers, you have a simple Game of Thrones-type image for how it all works. (The graphic we use here looks more like a target, but perhaps that’s fitting.)
Figure 1. Evolutionary Layered Protection, XGen™, and Folder Shield in Trend Micro Security
First, we use each layer of protection to help determine if a potential invader is good, bad, suspicious, or unknown. If it’s bad, and for any reason we can’t stop it at one layer, we apply the protections in the next layer.
TMS, Machine Learning, and Folder Shield
In the end, though there’s no single type of protection against unknown malware and ransomware, Trend Micro Security’s layered approach provides the right industry-leading protection to keep you safe. XGen™ machine learning adds powerful protection for unknown malware and ransomware. And Folder Shield keeps your most important files being held hostage by cybercriminals. Mac users should know that Trend Micro Security’s Antivirus for Mac also uses a layered approach to protection, applying XGen™ machine learning, along with Folder Shield, to stop malware in its tracks. Unknown ransomware doesn’t stand a chance!