Deception and Defending Ransomware 2.0 Attacks with Attivo Networks
Traditional endpoint solutions, like Endpoint Protection Platforms (EPP) and Endpoint Detection and Response (EDR), use signature matching or behavioral anomaly detection to identify malicious binaries and block the execution
of ransomware to stop the infection.
Unfortunately, with human attackers using advanced methods, many of their techniques can evade these solutions what is now commonly referred to as Ransomware 2.0. It uses APT-style tactics designed to bypass traditional security controls. These threat actors often do not encrypt data and demand ransom on the first system they compromise. Instead, they use it as a foothold into the network to conduct network discovery, probe Active Directory, move laterally, and identify high-value assets to target. Only after attackers have found the organization’s essential assets, encrypted the critical data, or taken control of assets do they send their ransom demands. Attivo Networks EDN solution presents a unique and fascinating way to disrupt ransomware’s ability to move laterally and prevents unauthorized access to data by concealing production files, folders, removable disks, network shares, and cloud storage.
Date: Thursday, February 18
Time: 11:00am IST / 1:30PM SST / 4:30pm AEDT
Presenter: Lalan Prasad, Senior Technical Sales Engineer