Preventing the Spread of Ransomware: Why YubiOn Is Effective for Securing Device Logins
- Matsuda
- 2025年12月4日
- 読了時間: 3分
更新日:2 日前
In recent years, ransomware attacks have occurred frequently across companies of all sizes. Major attacks reported in the news are not someone else’s problem. In fact, attacks targeting small and medium-sized businesses with weaker security measures, as well as attacks aimed at large companies’ supply chains, are increasing.
One major factor behind this trend is the rapid advancement of generative AI. In the past, it was relatively easy to detect attack emails from overseas due to their “unnatural Japanese.” However, with the evolution of AI, attackers can now generate extremely natural and sophisticated Japanese text. As a result, detecting attacks based on “linguistic awkwardness” has become much more difficult, and the number of cases in which Japanese companies are targeted has risen sharply.
As companies are required to implement immediate security measures, we recommend the adoption of YubiOn as one such solution.
This article explains why YubiOn is effective as a countermeasure against ransomware.
■ Ransomware Attack Vectors and Conventional Countermeasures
The most common ransomware entry points include:
Email attacks: Opening attachments or URLs in emails disguised as business communications
Websites: Being directed to tampered websites or phishing sites
Vulnerabilities in VPN devices: Exploiting security holes in remote-work environments
The “YubiOn” series we provide strengthens security through multi-factor authentication (2FA) for PC logon and web service login.
At first glance, it may seem strange: "If YubiOn doesn't prevent virus infection, how can it help with ransomware?"
The answer lies in the multiple phases of ransomware attacks.
■ What Are the “Phases” of a Ransomware Attack?
Ransomware damage does not occur the moment a virus enters a PC. To achieve their final goals (encrypting or stealing data), attackers move through several phases inside the network.
1. Initial Access
They break into a single employee’s PC via phishing emails or similar methods.
2. Credential Access
They attempt to steal stored IDs and passwords from the infiltrated PC.
3. Lateral Movement
This is the most critical phase. Using the stolen credentials, attackers try to log in to other PCs and servers across the network, spreading the infection.
4. Privilege Escalation & Impact
They obtain admin privileges and then encrypt organization-wide servers, destroy backups, or exfiltrate confidential data.
In other words, whether severe damage occurs depends on whether the attacker can move from the “first compromised PC” to "more important systems such as servers".
■ How YubiOn Helps
This is where YubiOn’s strengthened device logon control becomes effective. By requiring 2FA—such as a password plus a physical YubiKey—for PC and server logon, YubiOn disrupts the attack sequence.
1. Prevents Unauthorized Logons After Initial Infection
Even if attackers successfully steal passwords, they cannot log in without the physical YubiKey.
2. Blocks Lateral Movement Within the Network
Attempts to access servers or other PCs fail due to YubiOn’s 2FA. Since attackers cannot "move to the next PC," the damage can be contained to the initial device.
3. Protects Critical Servers
By reinforcing logon security for the organization’s core servers, YubiOn prevents catastrophic outcomes such as “full-company data encryption” or “backup destruction.”
■ Summary
YubiOn does not prevent the initial intrusion via email. However, even if a breach happens, YubiOn prevents the attacker from freely moving and logging into other systems, blocking organization-wide damage.
In today’s environment, where “assume the breach” is the norm, moving beyond ID/password-only authentication is essential. YubiOn is easy to deploy in existing environments and can be used immediately. With minimal cost and effort, it provides highly effective protection against the worst security risks.
For detailed information about YubiOn products, implementation consultation, or document requests, please contact us through the inquiry form.
Thank you for reading.
■ Related Links
[Security Key Sales]
Smart Logon with Passkeys
[YubiOn FIDO Logon]
Security for Both Windows and Mac
[YubiOn Portal]
Turn Everyday Authentication into Passkeys
[YubiOn FIDO2 Server Service]
[Product Inquiries]