The day in March this year when the WannaCry malware appeared on the scene, I downloaded a sample of the file from a well-known malware sample site, VirusTotal, and put our software to the test.
Check Point’s SandBlast Agent monitors the computer for malicious activity and behaviour, as well as bulk file encryption, amongst other things. To give SandBlast Agent the worst chance of success I could, I downloaded the sample and then disconnected my virtual PC from the Internet. This meant that there was no possibility of cheating by knowing the malware fingerprint (file hash).
So, assuming I was a user who had received a file – maybe from a friend who had also been compromised or through a phishing email – I thought: “Let’s run the file; what’s the worst that can happen?”
Video: https://www.youtube.com/watch?v=0jb8zd7H634&feature=youtu.be
As you can see, in just a few seconds, something starts to take over the computer; my data files start disappearing and new files with strange names replace them.
At this point, SandBlast Agent comes to the rescue; it detects this malicious activity, terminates the malicious file, preventing it carrying out any further bad activity, and finds all the files that have been deleted.
Now for the cool bit – SandBlast Agent was monitoring my computer for changes to my files, so, for each file that it found was encrypted, it goes to a special folder which only Check Point can access, and gives me a copy of the file it backed up!
For the more technical out there, there’s a forensics report that shows what the malicious file did; this is so you can make improvements to your security within your organisation. But, that’s for those that are interested; the user can just relax, in the knowledge they are safe, and their data is intact.
Tom Kendrick is a European threat prevention security engineer at Check Point Technologies.