Posted by Marktime
Henagon

Does IT Brain Anti Malware prevent the WannaCrypt Ransomeware?

Hi All

As the title suggests, I'd like to know if the IT Brain addon has been updated, or was already capable of spotting/stopping that lovely new PITA that's been going around over the weekend?

All our clients are up to date and very few are using older OS versions, but there's always going to be something missed. We tend to run It Brain antimalware on most things and it has always seemed to be a cut above the rest when it comes to this sort of thing but I thought I'd ask the question as I can't find any good reads on the subject.

Cheers

4 Replies
Posted by th
Photon

Re: Does IT Brain Anti Malware prevent the WannaCrypt Ransomeware?

Not very convincing for me to use ITBrain malware if you don't get an answer to a very basic question to a very serious problem. I will stay away from this product.

Posted by Remote Management Staff
Remote Management Staff

Re: Does IT Brain Anti Malware prevent the WannaCrypt Ransomeware?

Hi @Marktime

Thanks for the message. 

Indeed the media frenzy was a bit too overwhelming when it comes to the WannaCry Ransomware over the weekend. The exploited Windows OS vulnerability made it easier to distribute this Trojan/Worm throughout unpatched systems. 

As a general rule, when it comes to Malware which will appear in Media Outlets, We will already have the definitions in place to detect and stop the primary variants of those threats. That is not to say that ITbrain Anti-Malware or any other solution will; be able to protect 100% the systems. There will always be that one time when things went wrong.

Related to the WannaCry subject, our Malware Labs are getting hundreds of variants every day and we are working very hard in a reactive way to add as many variants to the signature list. 

At the same time, we always advise having good security practices in place for E-mail and network security. Most of the times those are the point of entry for new malware.  Also, users have to be trained regularly when it comes to best practices for opening e-mails and running attachments. 

These type of questions will arrive all the time when a new threat will spread rapidly over a few days. Please consider the following practices for future situations: 

1. Have a proper mail security solution in place (dedicated security for mail servers or cloud security)

2.  Regular Training for best practices for users regarding e-mails and website downloads. 

3. Propper User account Control and other related restriction to the network( firewall, hardware firewall... )

4. Operating system updates and hotfixes. 

5. To Have an Anti-Malware solution installed to have a safety net just in case and to have reports on the state of the systems based on .how many threats are found? 

6. Backup, Backup, Backup

 

I hope this helps in future situations which will inevitably happen.

 

 

 

Product Owner, Remote Management services.
Posted by LukeMoore
Photon

Re: Does IT Brain Anti Malware prevent the WannaCrypt Ransomeware?

Hi @Stanislav,

I read over your message several times. Two points I would like to ask you about:

1. "Related to the WannaCry subject, our Malware Labs are getting hundreds of variants every day and we are working very hard in a reactive way to add as many variants to the signature list."
I understand you are working very hard in a reactive way, but being reactive means that you are behind the curve. This means after the fact some business gets infected, then you are reacting. Wouldn't it be better to be proactive and create an algorithm to try and spot the type of code?

2. "5. To Have an Anti-Malware solution installed to have a safety net just in case and to have reports on the state of the systems based on .how many threats are found?"
You are replying to a question about IT Brain Anti Malware and yet you say to have an Anti-Malware solution installed to have a safety net just in care. Do you not feel confident in IT Brain Anti-Malware to be strong enough to fend off these attacks?

Regards,

Luke Moore from Empowering Business


 

Posted by Remote Management Staff
Remote Management Staff

Re: Does IT Brain Anti Malware prevent the WannaCrypt Ransomeware?

Hi @LukeMoore

 

Thanks for your questions. 

I will try to answer both questions below.

1. The whole industry for Anti-Malware operates in the same reactive way since its inception in late 90's. Some computers get infected, Anti-Malware labs get the samples and dissect it. then signatures are released. This process is nowadays mostly automated, but machine learning algorithms to be proactive is not yet here.  There are a few technologies out there for some proactive detection but they create many false positives and within a business environment they are not that applicable all the time. If you can suggest someone to build that algorithm we are definitely interested. 

 

2. Is not that we do not feel confident in our solution, we detect 99.99% off in the wild malware which in the computers world is 100%. We stand behind our solution but at the same time, we want to educate people and to inform them to not rely solely on the Anti-Malware solution for protection. Basic rules for internet and computer safety need to be applied. WannaCry was a concrete example, the ransomware type malware got only into systems which did not get the latest windows updates. This is actually valid for the majority of ransomware and banking malware these days, unpatched systems, no e-mail training for employees and very unfit user permissions settings. 

I hope that our efforts to raise awareness are not taken as no confidence in our products. We do great engineering and we put a lot of effort in creating simple software which does complex operations in the background so our customers will manage systems very efficiently. 

I hope my answers helped.

 

 

Product Owner, Remote Management services.