Your last line of defence – Protect your organisation from a ransomware outbreak
Did you know that ransomware attacks are becoming more and more frequent?
SonicWall found that in the first half year of 2021, we saw 304.7 million ransomware attacks, surpassing 2020’s full-year total of 304.6 million. The UK were one of the top five regions hit and education was one of the top verticals.
Consider the following:
- How would you identify which user and which device is causing the encryption (Patient Zero)?
- How would you stop the ongoing encryption immediately before significant damage occurs?
- How would you see which files are encrypted and where they reside?
RansomCare protects your organisation from being a victim of this and acts as your last line of defence should your prevention and perimeter solutions fail. RansomCare will stop the spread of ransomware in your work environment and the illegitimate encryption of your crown jewels data.
Book an online demo today to see RansomCare in action.
I already have anti-virus software, why do I need RansomCare?
Sophos and anti-virus software provide endpoint protection, however they don’t protect your file shares. RansomCare works by monitoring file and cloud shares and isolates compromised users causing encryption. New strains of ransomware are able to disable endpoint protection, AV, firewalls, and even backup solutions before encryption starts. If this happens, RansomCare will be there to stop ongoing illegitimate encryption and file corruption on file shares.
A different approach
RansomCare leverages heuristic analysis and file metadata to monitor traffic between endpoints and file shares (on-premise or cloud) to swiftly and efficiently detect evidence of an active ransomware breach. Instead of searching for ransomware, RansomCare detects and responds to ransomware’s malicious intent: illegitimate file encryption.
RansomCare is not installed on endpoints or any existing file servers. The agentless solution is easily deployed within days and leverages Machine Learning to configure automatically.
Due to the way in which RansomCare monitors existing network traffic, there are no net work overheads or performances issues because of deploying the tool.
Detects the Unknown
Cybercriminal development teams constantly monitor prevention-based security vendors for software updates; they know when existing variants are at risk of being detected and when to change their methods. RC circumvents this problem by detecting encryption caused by known and unknown ransomware variants.
Utilize the cloud
RC works seamlessly with Office 365, SharePoint, and Google Drive. RC is OS-agnostic to the device type accessing the cloud, including mobile devices, tablets, MAC, IoT, and laptops, and also for OS independent environments, such as Windows, Android, IOS and Linux.
Cover all Entry points
Regardless of whether an attack starts on an endpoint, a mobile phone, an IOT device, via email, website drive-by-attack, USB cable, or was deployed by someone inside your organization, RC reacts immediately when said device or user causes encryption on file shares either on-premises or in the cloud. RC responds by isolating and containing the compromised device and user, instantly halting the encryption process.
Organisations that fall victim to ransomware typically have between 4-7 prevention-based (such as AV, NGAV, Firewalls, Web-filtering etc) security tools in place. RC is not a replacement, but a complementary last line of defence security layer focused on the outbreak of illegitimate encryption.
It is a legal requirement to report personal data breaches to the ICO within 72 hours of the incident happening. RansomCare will automatically generate a report of files affected saving you hours of work.