Try Not to Be A’Maze’d

Ramani Pathak

Ramani Pathak

May 14, 2020

In April, Cognizant, one of the largest tech and consulting companies, was yet another victim of a ransomware attack. This breach was conducted by malicious actors associated with MAZE ransomware. Deploying ransomware via spam and utilizing in exploit kits is not new, and is becoming more commonplace. The MAZE variant is not like typical data encrypting ransomware.

Maze ransomware is a sophisticated Windows malware, installed post-exploitation and helping the attacker move laterally in a corporate environment. Like many other ransomware, once MAZE breaches a corporate network, it spreads laterally. In the process, it finds and encrypts data, making it inaccessible until a ransom is paid. The team of actors comprising MAZE go so far as to publish their successful breaches on a public facing website, where they post data stolen from victims who refuse to pay.

The propagation of attacks is simplified by exploiting flat networks, which make lateral movement easier. ShieldX customers benefit from micro-segmentation combined with threat prevention to help identify and stop attacks in their tracks.

With ShieldX Elastic Security Platform, enterprises can mitigate the risk of flat network architectures and vulnerable systems by:

  • Automatically visualizing application connections and dependencies
  • Automating network security policy for tiering, tier isolation and micro-segmentation
  • Automating threat prevention policies that detect and prevent malicious URLs and IPs, malware downloads and data exfiltration

Read more about MAZE and how ShieldX helps in the following paper.