As effective as ransomware has proven to be in attacks against so many organizations across regions and sectors, certain characteristics actually can help defenders gain an edge in detecting malware. Lastline's Engin Kirda explains how. "Ransomware is a threat that needs to be taken seriously," says Kirda, co-founder and chief architect of Lastline, as well as a professor at Boston's Northeastern University. "But in comparison to other kinds of malware ... it has a very distinct behavior. It actually tells us that an attack has taken place."
And from a defender's point of view, being alerted to the attack is far better than having it stay undetected in your systems.
In an interview about ransomware defense, Kirda discusses:
Common elements of today's malware strains
Strategies and solutions most effective in combatting ransomware
What malware defenders can learn from ransomware
In addition to being co-founder and chief architect at Lastline, Kirda is a professor at the Northeastern University in Boston, and the director of the Northeastern Information Assurance Institute. Before that, he held faculty positions at the Institute Eurecom in the French Riviera and the Technical University of Vienna, where he co-founded the Secure Systems Lab that is now distributed over five institutions in Europe and US. His recent research has focused on malware analysis and detection.