Suppose that you are a chief information security officer (CISO), chief technology officer (CTO), or IT manager, with responsibility for all the information systems in your organizations. Your team applies security patches to software and applications as soon as they come out. You’re not worried about viruses or malware, because, along with your blistering speed at patching, you have a solid firewall, up-to-date antivirus scanning, and a solid VPN strategy for remote access. So, you might be shocked when you and everyone in your company logs in to discover something like this on the screen:
One of the most likely causes for this scenario is a zero-day ransomware attack. These attacks are based on the concept of a zero-day vulnerability, which Norton defines as “a software security flaw that is known to the software vendor but doesn’t have a patch in place to fix the flaw. It has the potential to be exploited by cybercriminals.” Basically, there was no patch available for the type of ransomware used to infect this security-conscious organization. To complicate matters, the software vendor might not even be aware of the flaw. However, there is still a way you can protect your business from zero-day ransomware attacks using NetApp® FPolicy, our Zero Trust engine, in external mode.
This blog post is the fourth in a six-part series that covers how you can detect and prevent ransomware by using native NetApp® ONTAP® features, recover quickly from an attack, and avoid paying the ransom. It’s best to read them in chronological order:
Matt is a Security Evangelist at NetApp with a focus on ransomware prevention, cyber resiliency, and data-centric portfolio security. With 25 years of IT experience, he specializes in Zero Trust, Data Governance, Encryption, Security Tools, and Best Practices. Matt has held various roles at NetApp, including Product Manager and Technical Marketing Engineer for ONTAP Security. He also has extensive expertise in networking, SMB/CIFS, and Microsoft technologies. Matt's passion lies in driving the latest security features and capabilities to ensure customer success.