Prevent Ransomware, Phishing, and Supply Chain Compromise

News of successful, significant cyber attacks is appearing in the headlines with distressing regularity. Unfortunately, this expansion in cybercrime isn't going away any time soon and the problem is affecting everyone, whether that be a network of hospitals whose computers are held hostage by ransomware, a range of government agencies in the U.S. and abroad, or the thousands of other businesses of all sizes that find themselves infected with no way to regain access to critical data. Except in cases where known ransomware is used and a key is already available or the ransomware uses a weak encryption that can quickly be broken, most organizations have little recourse other than reloading from backups, or worse, paying the ransom. In this environment, there is no way to guarantee protection from ransomware or other malware, given the expanding number of network endpoints, sophistication of modern phishing schemes, and constant revelation of new vulnerabilities.

Protective DNS services work to prevent infections by keeping users and devices from accessing domains used by bad actors.  HYAS Protect prevents transactions with known bad domains, as well as domains that HYAS's machine learning-backed threat identification system has deemed suspicious. For instance, if an employee falls victim to a phishing scheme and clicks a malicious link, the transaction will be prevented if the requested domain is suspicious or a known threat.

If malware does make it onto the network (perhaps via a newly revealed vulnerability or the purposeful actions of a disgruntled employee), Protective DNS can preventatively shut down communication between the malware and its command and control (C2) servers before it causes damage. Just like ants or bees, if the workers can't communicate with the queen, they don't know what to do. Without a command and control server, the malware lies dormant until it can establish contact. Even ransomeware that encrypts data locally needs to be able to tell its C2 that it has succeeded in infecting a target, or the bad actors won't know who owes them a ransom! In the meantime, network administrators are alerted to this suspicious network activity, and using the information provided, they can trace the compromise to its source and deal with it before it causes trouble.

To learn more about preventative solutions to ransomware, phishing, supply chain attacks, and other cyber threats, reach out to HYAS today to request a demo.