CyberArk Labs tested over 23,000 ransomware samples from more than 30 prevalent malware families, including Cryptolocker, Petya and Locky, in order to better understand common infection, encryption and removal characteristics, and identify potential strategies for mitigating the impact of ransomware attacks on enterprises.
They analyzed the typical path to encryption, discrepancies and commonalities in ransomware execution, tested several strategies that could mitigate the damage caused by ransomware attacks, and finally found that app control coupled with the removal of local admin rights can stop ransomware from encrypting files in 100% of cases.
