Server Security: Ransomware & Advanced Attacks

Business IT environments are now at bigger risks as more and more malware, such as Ransomware, are becoming more sophisticated.  The results of malware gaining access to your IT environment could lead to as much as disruption of your business operations – mainly your service, productivity, and more importantly – your reputation.  Cyber criminals do this through business process compromise (BPC), halting your access to business critical applications and data which can last for days if not months..

Contrary to common belief that cyber threats are an endpoint issue, ransomware and other advanced attacks are also focused on your servers.  Servers are high value easy targets for cybercriminals due to the combination of readily available infrastructure via the public cloud and the increased speed of application delivery to create competitive advantage.  Server and endpoint security hugely differ in the sense that the applications and operating systems that run enterprise workloads in the data center, in the cloud and even in containers can be extremely dynamic.

Fundamentals DO matter – Patching

As servers are the driving force that pushes any business forward, tasked with housing your most valuable data, it is only natural that cybercriminals would start targeting it – whether it’s on premise or in the cloud.  Cybercriminals will take advantage of vulnerabilities found on your servers. A good example of this is the recent WannaCry Ransomware attack a few weeks ago which leveraged on a Microsoft Windows SMB vulnerability to inject itself onto servers and endpoints.  OS Patching is the best solution to these as to prevent the attack from executing. However, there are many reasons why servers are left unpatched one of which is server downtime.  It is estimated that enterprise firms take an average of 250 days for their IT (205 days for retail businesses) to fix the software flaws in their enterprise applications.

Layered Security

Hybrid Cloud infrastructures are complex, and these complexities can have gaps which can be exploited.  So what can be done to prevent situations such as compromised endpoints accessing a vulnerable file server?  Here is where advanced server security solutions such as Trend Micro Deep Security comes in.  Designed to protect workloads across physical, virtual, cloud and container environments with host-based security to shield servers from a wide range of threats.  With its range of cross generational security techniques, it will be able to enable you to easily:

  • Stop network attacks and shield vulnerable applications & servers, leveraging Intrusion Prevention (IDS/IPS) and firewall techniques;
  • Lock down systems and detect suspicious activity on servers, using techniques like application control and integrity monitoring that have been optimized for the hybrid cloud; and
  • Prevent malware and targeted attacks from successfully infiltrating your servers, leveraging proven anti-malware and advance techniques like behavioral analysis & sandboxing

Learn more about Trend Micro Products from our product page here!