Ransomware is a form of malware that encrypts files until and ask the victim for a “ransom” to decrypt the files. This threat is on the rise and Trend Micro is stepping up its protection and detection. Worry Free Business Security's new approach is to look for ransomware behavior. It does not depend exclusively on signatures or a specific removal tool. It monitors any suspicious file encryption activities at the endpoint and stops them by terminating or putting the process in quarantine.
Typical ransomware searches for system files with specific file extensions and encrypts them through normal file operation.
Installing WFBS 9.0 SP3 will automatically turn on ransomware protection unless Behavior Monitoring and Web Reputation have been turned off. Trend Micro suggests that customers enable all of the following to have best protection from ransomware.
The Ransomware visibility dashboard was added recently to increase the awareness of our customers if there are some ransomware being detected on their machines.
For existing WFBS SP 1 or SP 2, you may download and install WFBS Service Pack 3 Repack 4 here.
For new customers or fresh install, you may download and install the full installer of WFBS Service Pack 3 here.
You may also refer to Ransomware: Solutions, Best Practice Configuration and Prevention using Trend Micro products KB article for more information.
- Log on to the WFBS console.
- Choose the Security Settings tab.
- Select the group where you want to apply the setting.
- Click Configure Settings > Behavior Monitoring.
Under Ransomware Protection, make sure that Behavior Monitoring is already enabled. Select the following options:
- Protect documents against unauthorized encryption or modification.
- Auto backup files changed by suspicious programs.
- Enable blocking of process commonly associated with malware.
- Enable program inspection to detect and block compromised executable.
- Click Save.
- Log on to the WFBS console.
- Go to Security Settings > Desktop (Default).
- Choose Configure Settings.
- Click Web Reputation and make sure that it is is enabled.
- Enable Browser Exploit Prevention.
- Choose Save.
For more information about Ransomware prevention and tools please click here.
