Ransomware is a type of malware designed to infect machines, encrypt files and hold the needed decryption key for ransom until the victim submits the required payment. In 2015, this attack method was used to successfully extort over $400 million from victims. This paper documents research conducted by CyberArk Labs to better understand ransomware and evaluate what mitigation strategies could be most effective. One of the key findings was that when local administrator rights were removed and application control policies were in place, 100 percent of ransomware samples were prevented from encrypting files.
Download this report to learn about the research methodology, ransomware behaviors and mitigation strategies that were considered.