Ransomware – A serious threat.
This kind of story sadly isn’t a one-off. According to estimates, a company is infected with ransomware every 40 seconds and all it takes is one employee to click on something they shouldn't and then the whole network is infected. Ransomware doesn’t only affect a computer’s local memory, but also any shared drives. With this in mind, anyone using network attached storage (NAS) should look into ransomware protection as there is a real risk that malicious software can lurk on the network for months before being noticed, increasing the risk of your files being lost for good.
Businesses and authorities now count ransomware attacks as the biggest cybersecurity threat.
Impact on business:
ONTAP data management software includes over 30 advanced data security features.
Our portfolio of solutions has been designed to protect your data against threats and accelerate data recovery. Ransomware is a multi-layered threat that demands a multi-layered solution with a focus in storage and services that are smart and robust and which lay the groundwork for data backup, detection and recovery. If the worst does come to pass, you need a fast, reliable and simple process to get your storage up and running again.
- Block malicious files before they are written to your hard drive
- Create write-protected NetApp Snapshot copies to counteract file infections
- Identify strange storage behaviour that could point to a malware attack
- Quickly recover data with efficient remote copies remote storage failover
- Analyse logs and use forensic processes on the file-level to isolate threats.
Identify the systems to protect –
- Tools for monitoring and optimising IT infrastructure
- Records a company’s resources and determines their dependencies to create a topology of the environment.
- Reduces the time to error resolution by up to 90%
- Ensure optimum data governance
- Monitor sensitive data and permissions
- Analyses into data security
- Compliance with statutory requirements
- Automatic localisation of data breaches
- Monitor user activity
- Detect anomalies and potential attacks
- Policies for automatic responses
- Forensic and user audit reports
ProLion CryptoSpike – Real-time protection.
- All NetApp Storage transactions are checked in real-time and affected users informed immediately.
- User behaviour, file extensions and names are continually checked and compared against a blacklist.
- CryptoSpike Manager for the intuitive management of settings.
- Immediate information on where the attack has taken place and support in the recovery of damaged data.
- Early detection of attacks prevent further encryption and thus potential data loss.
- The attack is smothered and any attempts at blackmail blocked.
CryptoSpike and FPolicy Server can be easily installed as a software image (.ova).
- White list – Includes all file extensions allowed in your company copied from your storage upon installation
- Black list – Currently Includes some 1,800 known ransomware file extensions and names. Updated daily.
- The Learner module is the most critical component of second-level security as ransomware only rarely changes file names/extensions making it difficult to identify encryption. Learner analyses user behaviour patterns within the company such as read/write/open/close file operations. For example, the last 50,000 transactions in the network are recorded and saved in the white patterns list. There is also a black patterns list with examples of current ransomware behaviour patterns.
CryptoSpike in a nutshell (only available in german):
Questions about CryptoSpike?
Simply write us an e-mail. We are happy to help.