You already know how ransomware works. Malware gets loaded on to a computer, and quietly encrypts everything of use. When it’s done, you see a message displayed on your screen demanding payment in Bitcoins, and you’re told that if you don’t pay up, you’ll never get your data back.
For many companies, the only choice is to pay up, but that has two complications. First, it costs you a lot of money. Second, it labels you as being willing to pay the ransom, which means you can expect more ransomware attacks.
However, successfully fighting off ransomware is tough. Ransomware varieties rapidly evolve and change almost daily. The chances of your antivirus or your antimalware catching it aren’t very good.
Since ransomware is spread through a variety of vectors, you can’t depend on some of the more traditional methods such as screening email or social network feeds to reliably bock attacks. Even large companies with good security practices sometimes get stung by ransomware.
But there is an anti-ransomware system for SMBs that was developed from an enterprise system that's already in place in the field. It's called RansomFree, from security company Cybereason.
Cybereason was organized by a group of former military intelligence officers using skills they acquired fighting the worst of bad guys. This explains why they refer to their products as military-grade prevention. The company uses techniques developed by the military to detect, deceive and kill ransomware.
The company has been active in the enterprise security space for some time and its products have been widely adopted there. But the software doesn’t lend itself to most SMB users because of the expense and the expertise required to use it. So Cybereason’s developers created a version that small companies and individuals can implement and they are giving it away for free.
Right now, RansomFree only works on Windows computers. But once it’s installed, it does three things. First it can detect the ransomware malware when it arrives on a computer if it has a signature it recognizes. But because of ransomware families rapidly evolve, it also watches the activity of the ransomware looking for attempts to encrypt files. Finally it deceives the ransomware into thinking its working, when in reality all that it’s doing is operating in a secure honey pot of a container.
A honey pot is a simulated environment that looks normal to the malware, but which exists only as a place for the malware to execute, while the anti-ransomware software studies it. Once it’s done with that, the ransomware attack is stopped in its tracks and the malware is killed.