Big Data is the First Line of Defense Against WannaCry and Next Gen Ransomware

June 6, 2017

We rarely stop and ponder the evolution of malware. We probably should, because it is becoming more sophisticated every year.

Elk Cloner was the first computer virus ever made. It was created by Richard Skrenta over 35 years ago. This virus was more or less a practical joke, although it was certainly a pain for people who accidentally installed it on their floppy disks.

Malware today is anything but a joke. It can cripple entire computer systems and destroy volumes of valuable data. Ransomware is particularly nasty. If it is installed on a computer, it can cause the entire system to shut down until a ransom is paid.

WannaCry is the latest and most sinister form of ransomware to hit computers around the world. According to news reports, the malware infected computers in over 150 countries. Victims paid less than $70,000 to the hackers, but many people were devastated after it was installed.

Other forms of ransomware are more effective. They often target people with a guilty conscience who fear that incriminating information will be exposed. They may also target large businesses with precious trade secrets that they are willing to protect at all costs.

The FBI has stated that some ransomware is so effective that it often recommends victims just pay the ransom. Otherwise, their data may be permanently compromised.

What can cybersecurity experts do to prevent ransomware from causing such wanton destruction? There aren’t any easy answers, but big data will be highly beneficial in the coming months.

How Will Big Data Prevent Future Ransomware Outbreaks?

For the past five years, cybersecurity experts have stated that big data will play a key role in fighting malware. Rahul Dasgupta states that one of the problems with older-generation anti-malware solutions is that they can’t stop viruses from replicating in real-time or evolve quickly enough to respond to new threats. He states that big data analytics will be included in more antivirus applications in the market in the future, since it addresses many of these problems.

“To remove the inefficiencies of previous AV methods, the new generation of techniques must automate analysis of malware rather than relying only on previous samples captured from other client machines… The ability of multiple detection engines to work simultaneously despite being connected to different client computers would improve the speed at which data is received for analysis. Continuous study of behavioral patterns and visualization of event data makes it possible for security analysts to spot patterns just before the attack actually happens. To conduct the data-visualization process huge volumes of data are required, which is made available because the cloud network is connected in real-time. Thus, big data analytics helps identify and block cyber threats before the attack has a chance to infect or compromise a system.”

How will big data play an important role in stopping ransomware and other malware in the coming years? Dark Reading shares some insights.

Monitoring DNS Feeds

Hackers frequently set up new domains to spread malware. Since many hackers recycle domains every 7 to 14 days, it can be very difficult to identify them if you aren’t monitoring them carefully.

Big data analytics makes it much easier to monitor DNS feeds and find domains that are made for the purpose of spreading malware.
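As an added illustration (not code from the original article or from Dark Reading), the sketch below flags queries to domains that are still inside the 14-day recycling window mentioned above. The log format, the `.example` names, the first-seen baseline and the function names are all constructed for this example.

```python
from datetime import datetime

# Constructed resolver log: ISO timestamp, client IP, queried name.
SAMPLE_LOG = """\
2017-06-05T09:14:02 10.0.0.21 www.corp-portal.example.
2017-06-05T09:14:40 10.0.0.35 cdn.update-check.example.
2017-06-05T09:15:11 10.0.0.21 mail.partner-site.example.
2017-06-05T09:16:58 10.0.0.47 login.update-check.example.
2017-06-05T09:17:30 10.0.0.35 a1.fresh-host.example.
"""

# Constructed baseline: when each domain was first observed in the DNS feed.
FIRST_SEEN = {
    "corp-portal.example": datetime(2015, 1, 10),
    "partner-site.example": datetime(2017, 5, 10),
    "update-check.example": datetime(2017, 5, 30),
}

def registered_domain(qname):
    # Assumption: the last two labels form the registrable domain.
    # A production system would consult the Public Suffix List instead.
    labels = qname.rstrip(".").lower().split(".")
    return ".".join(labels[-2:])

def flag_young_domains(log_text, first_seen, window_days=14):
    """Return {domain: (age_days, clients)} for domains first seen
    no more than window_days before they were queried."""
    seen = dict(first_seen)  # work on a copy; leave the baseline untouched
    hits = {}
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip malformed lines
        ts = datetime.fromisoformat(parts[0])
        domain = registered_domain(parts[2])
        # A domain missing from the baseline counts as first seen now.
        age_days = (ts - seen.setdefault(domain, ts)).days
        if age_days <= window_days:
            entry = hits.setdefault(domain, (age_days, set()))
            entry[1].add(parts[1])
    return {d: (age, sorted(clients)) for d, (age, clients) in hits.items()}

if __name__ == "__main__":
    for domain, (age, clients) in flag_young_domains(SAMPLE_LOG, FIRST_SEEN).items():
        print(f"{domain}: first seen {age} day(s) ago, queried by {clients}")
```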

Using C2 systems for Blacklists

Blacklisting dangerous online traffic is a very important precaution every cybersecurity expert should take. Big data has enabled cybersecurity professionals to develop C2 systems, which can aggregate domains and IPs from all known blacklists. This is a much more efficient solution than manually identifying untrusted traffic sources that need to be blocked. In 2017, there are millions of dangerous known IP addresses and new ones are identified every day. It simply wouldn’t be possible to identify and block them all on your own.
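The aggregation step described above can be sketched as follows. This is an added example, not code from the article: the three feed formats, the `.example` domains, the documentation-range IP addresses and the function names are constructed, and real feeds would be downloaded and parsed per their own documented formats.

```python
import ipaddress

# Three constructed feeds in different formats, with overlapping entries.
FEED_HOSTS = """\
# hosts-file style
0.0.0.0 Malware-Drop.example
0.0.0.0 c2-panel.example
"""
FEED_PLAIN = """\
; plain list with a CIDR range
c2-panel.example.
198.51.100.0/24
203.0.113.7
"""
FEED_CSV = """\
indicator,type
203.0.113.7,ip
payload-host.example,domain
"""

def aggregate(*feeds):
    """Merge feeds into a de-duplicated (domains, networks) pair."""
    domains, networks = set(), set()
    for feed in feeds:
        for line in feed.splitlines():
            line = line.split("#")[0].split(";")[0].strip()  # drop comments
            if not line or line.startswith("indicator"):     # blank or CSV header
                continue
            # Indicator is the first CSV field, or the last hosts-file field.
            token = line.split(",")[0].split()[-1].rstrip(".").lower()
            try:
                networks.add(ipaddress.ip_network(token, strict=False))
            except ValueError:
                domains.add(token)  # not an IP or CIDR, so treat as a domain
    return domains, networks

def is_blocked(dest, domains, networks):
    """True if dest is a listed IP, inside a listed range, or a listed
    domain or any subdomain of one."""
    dest = dest.rstrip(".").lower()
    try:
        ip = ipaddress.ip_address(dest)
    except ValueError:
        labels = dest.split(".")
        return any(".".join(labels[i:]) in domains for i in range(len(labels)))
    return any(ip in net for net in networks)

if __name__ == "__main__":
    doms, nets = aggregate(FEED_HOSTS, FEED_PLAIN, FEED_CSV)
    for dest in ("198.51.100.23", "192.0.2.10", "cdn.c2-panel.example"):
        print(dest, "BLOCK" if is_blocked(dest, doms, nets) else "allow")
```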

Inspecting Network Traffic Logs for Threats

You can’t always rely on known threats from third parties. You may be one of the first companies to be targeted by a ransomware attacker. If you aren’t diligent about protecting your security, then you won’t be safe, even if you have blocked all known dangerous traffic.

Fortunately, new tools make it much easier to monitor your own network traffic. Big data allows malware protection vendors to carefully screen your networks for threats.

Big Data is a Weapon Against Ransomware and Other Malware, but it is no Substitute for Common Sense

Malware is a growing threat. Hackers like the authors of WannaCry aren’t likely to let up anytime soon. Fortunately, big data is making it easier to develop solutions against it. However, your best defense against malware is your own common sense. You need to always take appropriate precautions to keep malware from infecting your organization. The risks are simply too high in 2017.