Virtualization Technology News and Information
ExtraHop Enables Proactive Security to Stop Ransomware in Its Tracks
ExtraHop, the global leader in real-time stream analytics for IT operations and business intelligence, today announced a targeted new solution to help organizations proactively detect and track malicious ransomware behavior in real time, identify and protect vulnerable resources before they can be compromised.

According to a report from Kaspersky Labs, in 2015 ransomware attacks doubled and ransomware programs were detected on over 750,000 computers of unique users. In the same time period, nearly 200,000 computers were targeted by encryption ransomware. For targeted organizations, the cost goes far beyond the ransom. Lack of access to critical files can effectively shut down business operations, affecting workflows, productivity, and the bottom line. In healthcare, lack of access to critical patient information can directly impact care.

The ExtraHop platform analyzes and characterizes all data in flight -- client, network, application, and infrastructure activity and behavior -- providing unmatched visibility into all East-West and North-South traffic to deliver the richest source of real-time security insights.

The ExtraHop ransomware solution enables a positive and proactive security model, putting the power of pattern-based analysis and machine learning to work against malicious actors. ExtraHop now fills the gap left by security platforms that protect the perimeter, scan for attack signatures, or analyze log files -- methods that have proven to be ineffective at early detection and remediation. ExtraHop customers are already successfully using the Ransomware Solution to identify and stop infections before sensitive corporate network file servers and storage systems can be impacted.

  • Quickly detect anomalous behavior that is typically associated with ransomware attacks such as lateral movement across systems or irregular storage read/write operations.
  • Prevent the spread of malicious agents through customized alerting designed to notify incident response teams within minutes of a ransomware infection and provide clear guidance on the incident.
  • Remediate the affected systems by forensically investigating the source of the attack down to the client machine and URI of the external malware host.

"Traditional security solutions focus on shoring up the perimeter, relying on signatures to identify threats or incomplete log file analysis," said Erik Giesa, SVP of Marketing at ExtraHop. "The incredible acceleration of ransomware attacks should serve as a wake-up call that this is not enough. IT needs to get proactive about understanding its infrastructure and dependencies, and watching not just North-South but also all East-West traffic. With the barbarians already inside the walls, the critical requirement today is comprehensive behavioral visibility and continuous surveillance to understand where they've gained access and what they are doing. Only then can an organization begin to take a more proactive and positive security stance."

To learn more about how ExtraHop is being used to defeat ransomware attacks, check out the case study: Leading Health Services Provider Thwarts Ransomware Attack with ExtraHop. Read the datasheet for more information on the ExtraHop ransomware bundle.

To experience the power of the ExtraHop platform for yourself, explore the ExtraHop interactive online demo.

Published Tuesday, March 01, 2016 10:52 AM by David Marshall
Filed under:
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<March 2016>