Understanding ransomware

  • Ransomware is a sophisticated class of malware that blocks access to files and holds that data hostage until a ransom is paid.
  • Cybercriminals use social engineering, malvertisement, brute force attacks, third-party apps, and other threat vectors to sneak ransomware onto a user's system.
  • The biggest ransomware attack to date, WannaCry, used the EternalBlue exploit to infect more than 300,000 victims in over 150 countries.
  • Ransomware-as-a-service is booming. Some cybercriminals now allow other hackers to use their ransomware in exchange for a cut of the resulting ransom.
 

See how you can detect and respond
to ransomware attacks with DataSecurity Plus

 Watch Video

DataSecurity Plus,
your solution against
ransomware

Ransomware is no match for DataSecurity Plus' multi-layered defense strategy.

 
  •  
    American small businesses
    lost an estimated
    $75 billion a year toransomware.
    - Datto survey -
  •  
    Seventy-two percent ofinfected businesseslost access to their datafor two days or longer.
    - Intermedia -
  •  
    Every 40 seconds,a company gets hitwithransomware
    - Kaspersky Security Bulletin 2016 -
  • Prevent

    Least privilege for file access Review file permissions regularly to ensure that there are no unwarranted permissions to your sensitive files; if a victim has write permissions on a shared file, ransomware will encrypt those shared files too.
    Visibility on file activity Gain visibility into your file server environment, events, and user behavior to identify malicious activity.

  • Detect

    Ransomware detection Spot sudden spikes in file events like renaming, deletion, or permission changes, which are all telltale indicators of a ransomware attack.
    Real-time alerts Generate instant notifications via email for all unwarranted file modifications and permission changes, and catch extremely time-sensitive incidents.

  • Respond

    Stop the infection Cut off file encryption in the host machine within seconds by promptly shutting down the ransomware-infected machine.
    Quarantine ransomware Isolate the corrupted device from the network to minimize the impact of ransomware on your organization.

  • Analyze

    Forensic investigation Identify infected machines faster using actionable, accurate forensic data. Generate clear and concise audit records as legal evidence.

Quickly uncover ransomware intrusions using
ransomware detection software

Detect and shut down potential ransomware attacks with real-time alerts and an automated threat response mechanism.

  • Quarantine malware Quarantine malware
  • Say goodbye to ransomware Say goodbye to ransomware
  • Forensic analysis made simple Forensic analysis made simple
1
 
Cut off ransomware attacks.

Stop a ransomware infection within seconds by automatically shutting down an infected machine. Execute custom scripts to perform actions tailored to your organization's needs (e.g. disconnect the user session or lock the user account).

2
 
Detect malware in real time.

Speed up incident response with instant email notifications upon detection of malware attacks, especially ransomware, by watching for sudden spikes in file renaming and modification events.

quarantine malware
1
 
Defend against WannaCry, Petya, NotPetya, and other instances of ransomware.

Many ransomware variants use a specific file extension when they encrypt data. DataSecurity Plus uses these malicious extensions to identify known ransomware variants and block them instantly.

say goodbye to ransomware
1
 
Investigate and analyze.

View in-depth details of any ransomware attacks to identify the client IP of the machine where the malware started spreading. You can use this and other information available to perform root cause analysis.

forensic analysis made simple
 

Thanks!
One of our solution experts will get in touch with you shortly.

Hi,

I know that the ransomware detection and response solution falls under the File server auditing starts at $395 module and that its pricing starts at $745. However, could you also send me a personalized quote for
 
File servers?
Please contact me at
 
By clicking ' Get a personalized quote' you agree to processing of personal data according to the Privacy Policy.

Frequently asked questions

  • 1. Can I automatically disconnect a user's session when a ransomware attack is detected?

    DataSecurity Plus allows you to execute your own scripts to perform actions tailored to your organization's needs (e.g. disconnect the user session, lock the user account, or shut down the system).

  • 2. Can I detect future ransomware attacks?

    DataSecurity Plus identifies all ransomware attacks promptly and generates threshold-based alerts that are triggered when a set number of monitored events occur in a defined time span.

  • 3. Can I stop known ransomware like WannaCry and Petya from infecting my whole network?

    Many ransomware variants use a specific file extension when they encrypt data. DataSecurity Plus uses these malicious file extensions to identify known ransomware variants and block them instantaneously.

  • 4. If ransomware infects my network, can I identify where the attack started?

    DataSecurity Plus lets you identify the client IP of the machine where the attack began. You can use this and other information to perform root cause analysis.

  • 5. DataSecurity Plus just alerted me that possible ransomware activity has been detected, what do I now?

    If that's the case, then DataSecurity Plus should have already shut down the potentially infected system. From here, you should analyze the audit data to identify which ransomware variant it is and start planning your strategy from there.

  • 6. What if I can't find an answer to my question here?

    No problem! Just fill out this form with as much information as possible and we will contact you with the appropriate steps.

An all-in-one solution packed with powerful features

  •  

     

    Audit file access

    Audit all file accesses and modifications to track who accessed what, when, and from where.

    Learn More  
  •  

     

    Analyze file storage

    Optimize storage space by isolating stale, large, hidden, or non-business files.

    Learn More  
  •  

     

    Monitor file change

    Track and provide alerts for critical changes made to your sensitive files in real time.

    Learn More  
  •  

     

    Audit access rights

    Monitor NTFS to see who has access to which files and what actions they can perform.

    Learn More  
  •  

     

    Monitor file integrity

    Detect and provide alerts for unauthorized changes to critical files through real-time monitoring.

    Learn More  
  •  

     

    Comply with IT regulations

    Ensure compliance with external mandates, such as PCI DSS, HIPAA, FISMA, and the GDPR.

    Learn More  
  •  

     

    Combat ransomware

    Detect and shut down ransomware attacks instantly with an automated threat response.

    Learn More  

Resources you might be interested in

10 min read

E-book

Want to protect your organization from ransomware? The FBI knows how.

  •  
    Checklist

    Prevent ransomware attacks by following this ransomware prevention and response checklist.

  •  
    Infographic

    A visual guide on how to protect your organization from ransomware attacks.

  •  
    How-to

    How to detect and respond to ransomware attacks with DataSecurity Plus.

Are you looking for a unified SIEM solution that also has integrated DLP capabilities? Try Log360 today!

Free 30-day trial
 
×
Talk to us

Questions? Let's talk.

Have a question about features, trials, or licensing?Go ahead, ask us anything.

Thanks for your interest. We'll contact you shortly.
  • Please enter a valid Business email address
  • Please enter a valid Question
  •  
  • By clicking 'Talk to us', you agree to processing of personal data according to the Privacy Policy.
 
X
 

Get DataSecurity Plus easily installed, configured
and running within minutes.

Thanks!
One of our solution experts will get in touch with you shortly.

footer1
footer2
Email Download Link