Protecting Endpoint Data from Ransomware

BY

Tom Ricoy

|

July 14, 2020

Endpoint ransomware

Successful ransomware attacks have increased at an alarming rate and is the top concern for many IT professionals.

Despite over $30B in endpoint security spend alone, we are struggling to prevent ransomware attacks. IT leaders attempt to thwart them in part by installing multiple solutions with an average of 8-12 agents per endpoint (with larger organizations having as many as 20). This has a significant impact on device performance and user experience and makes it difficult to manage PCs.

Ransomware attacks have evolved from simple scattergun encrypt-and-demand to very targeted, comprehensive, and sophisticated attacks that are intended to obtain the most critical data assets of an organization. Adversaries threaten to and often auction data on the dark web, causing enormous risk to brand reputation, fines, etc. They also disrupt production, health care services, research, etc.

And there are no guarantees the adversary who stole the data deleted it after being paid to get it back. They could continue to blackmail organizations for years.

Ransomware has so crippled many small companies they have gone out of business.

It is being used at scale by nation states to fund their cyber warfare programs to the tune of billions of dollars. And criminal organizations, activists, over 100 nation states, and pretty much everyone is using ransomware now.

It’s time we put an end to this.

File-level ransomware prevention

Existing endpoint ransomware defenses are not effective because they are too far removed from the data itself. They rely on focusing on tools the adversary uses (to breach a system, establish command and control, exfiltrate the data, etc.) as opposed to simply protecting the data itself from being encrypted by ransomware.

Cigent D3E focuses only on protecting your valuable data. It does this by ensuring authenticated users can easily access files while blocking ransomware encryption attempts.

Only one or two agents are required to prevent ransomware (Cigent D3E and AV/NGAV.)  AV should still be deployed to meet regulatory requirements, stop spyware and other nuisance malware, and prevent known and zero-day malware that ML can detect.

D3E uses next to no overhead (less than 1% CPU), does not encrypt your documents, and is safe to use for corporate and personal files.

Other endpoint detection solutions can additionally be added but in fewer numbers and better focused on pan-network/cloud attack tactics including credential theft, privilege escalation, lateral movement, etc.

Cigent D3E protects your files in a way that's never been done before.

Learn More

Explore more articles.

Protect your organization's most valuable asset—your data.

Contact Us