Ransomware – how to stop this growing, major cause of downtime

By Phillip Cockrell

In our modern digital economy, we are increasingly reliant on interconnected, always-on IT systems. I hate it when I get hit personally with any kind of unplanned service interruption. It’s incredibly disruptive and frustrating.

The stakes are far higher for business leaders, CIOs, and operations teams. System downtime can be catastrophic. Last year, the average cost of critical server downtime was over $1 million an hour for a third of all enterprises. Sadly, downtime is not a rare event. A third of all companies experienced a substantial outage in the past 3 years, and three-quarters of those events were preventable.

Of course, downtime can be caused by hardware or power failures, internet outages, human error, and a bunch of other issues. But these days, ransomware attacks are steadily rising to become a top concern for many organizations.

The rolling rampage of ransomware

Ransomware attacks are accelerating at an alarming rate and their impact is becoming more and more brutal. Around a third of companies suffer 5 days or more of downtime and the recovery costs can be astronomical. Worst-case examples have involved losses for the victims of close to $1 billion, and many have taken months to recover.

Take a look at the graphic below and you can see that cyber-criminals have a smorgasbord of options to choose from as they craft their attacks. And they are getting more sophisticated. All along this timeline, cybercriminals have been evolving, enhancing, combining, and adapting their code. They’ve relaunched ransomware in different guises and adjusted tactics to be even more devastating.

Modern ransomware strikes are cunning multi-stage affairs.

They use brute force attacks to infiltrate systems, steal credentials, and set up backdoors for remote access. Zero-day vulnerabilities or unpatched security bugs can be combined with buffer overflow techniques to upload malicious scripts or inject code. Fileless in-memory malware can be used to evade security and avoid leaving a footprint. And legitimate binaries, utilities, and executables can be leveraged to discover other nodes and move laterally across networks to maximize the infection spread.

Once cyber-villains have infiltrated your infrastructure, they can take their time stealing data. That’s before they finally trigger the ransomware payload to inflict maximum damage by encrypting everything they’ve touched.


Enough of the doom and gloom. So ransomware’s a big problem. Who didn’t know that, right?

The big questions are: What can you do about it? How can you protect your business?

Let’s start with Linux.

Over the past three decades, it has become the “go-to” option for non-stop mission-critical solutions. That’s largely because you can take advantage of hardened enterprise-grade distributions with well-earned reputations for robust security and advanced uptime features.

But even with all its strengths, Linux is not immune to ransomware attacks.

Nefarious hackers understand exactly how the standard Linux OS structure is laid out. They know the function pointer locations, the sensitive data areas, the start addresses for libraries, and where security credentials are located. Those are the starting points for plotting and crafting any attacks.

Then there’s the constant stream of security patches and updates that most organizations struggle to keep up with. Cyber-scoundrels are poised to take advantage of any unpatched weaknesses, or any zero-day vulnerability they can latch onto.

To successfully protect ourselves, we need to be just as creative and innovative as the bad guys.

Polymorphing for Linux is the ground-breaking technology that takes all the strengths of Linux and simply makes it exponentially more secure.

It takes the entire Linux environment and runs it all through an advanced polymorphic compiler to scramble the low-level machine code. The result is a unique and ultra-hardened Linux layout designed to confound even the most determined cybercriminals and the most sophisticated ransomware attacks.

Without knowing what the new layout looks like, they are working in the dark. They can’t even get started on crafting an attack. Better still, your business is protected even with a patching strategy and regime that is less than optimal.

To find out more, why not register for the upcoming Polyverse webinar:

“Ransomware: How to prevent this growing, major cause of downtime”


The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a worldwide basis.