Top 10 Ransomware Solution Providers

For Barracuda Networks’ SVP, International, Chris Ross, being proactive is essential. “By being proactive and preparing for every eventuality, businesses can decrease the likelihood of a successful and costly attack,” says Ross.

And while Barracuda can certainly help, Ross also suggests contacting a group called No More Ransom, which is partnership initiative between international police and the enterprise community.

Barracuda protects the online portal of No More Ransom.

“Businesses using these initiatives have the benefit of multiple toolkits and a range of experts,” says Ross.

Matt Middleton-Leal, general manager, EMEA of Netwrix could be said to have an uncompromising attitude towards ransomware.

“Never pay the ransom,” is one of the best practices Middleton-Leal urges enterprises to consider. Other suggestions include limiting user privileges, segmenting the network, and backing up in read-only mode.

The last three are probably proactive or preventative measures, but Middleton-Leal acknowledges that: “The growing sophistication of ransomware attacks combined with new evasion techniques makes them extremely challenging to detect.”

He adds: “Withstanding a ransomware attack requires a coherent strategy focused on two objectives: firstly, speedy discovery of attacks in progress and secondly, prompt action to minimize the impact on systems, operations and data.”

Because it’s such a subtle and complex type of attack to deal with, Middleton-Leal says early identification is “critical to stopping a ransomware attack”, so, therefore, he advises gaining visibility into user activity to detecting an attack in progress, if possible.

Trend Micro is another one of the superlarge cybersecurity companies, with a market capitalisation of around $8 billion.

And like Netwrix and many other cybersecurity companies, Trend Micro emphasises prevention as a way to deal with what it sees as a “dramatic rise of ransomware-related issues, especially the sophisticated crypto-ransomware”.

Ransomware has become more complex over time and can affect home users as well as commercial organisations. and protection become more challenging.

Trend Micro says that ransomware enters the computer or network through such things as email spam, phishing attacks, or malicious web downloads.

Trend Micro suggests that, for the highest level of protection, organizations should deploy multiple layers of protection on endpoint, gateway, and mail servers.

Check Point Software Technologies is one of the largest cybersecurity companies in the world, with a market capitalisation of around $17 billion.

The company also sets up and runs incident response teams for companies which have mission-critical operations.

Last year, its incident response teams were in the right place at the right time – or the wrong place at the wrong time, depending on your point of view – to help the UK National Health Service deal with the WannaCry and NotPetya attacks. I

n fact, the Check Point incident response had set up new cybersecurity measures to deal with an attack months before WannaCry hit, and those measures prevented WannaCry from affecting the NHS computer systems Check Point was protecting.

Inevitably, your business will be affected by ransomware or malware of some type – it’s basically impossible to protect all of your systems all of the time.

Which is why getting some insurance makes sense. Finding out what can and can’t be covered by insurance would be a good start. Blending insurance with cybersecurity measures would seem to be the best way to ensure business continuity from a financial standpoint.

James Burns, cyber product leader at CFC Underwriting, says: “It’s important to note that the impact of a cyber-incident extends far beyond the initial financial loss, to the long-tail of systems repair and reputational damage.

“Although ransom fees are generally higher for larger businesses with more valuable data, smaller companies can find it just as hard to get back on their feet or simply stay in business following a similar attack.

“With any organisation affected by an attack, the priority is to be able to get back to business as quick as possible. The cost of business interruption is steep, and the insurance industry has a vital role to play, serving as a lifeline to get a business back on its feet by avoiding, or limiting the impact of, a total knockout.”

Carbon Black offers a preventative ransomware solution it calls Cb Defense, which is said to have been tested against a set of fresh and prevalent commodity, master-boot infector, file-less and other types of samples from 42 crypto-ransomware families collected in the wild.

Rick McElroy, security strategist at Carbon Black, whose background includes the US Department of Defence, says Cb Defense “stopped every sample” in those tests, which were conducted by an independent security company called MRG.

Ransomware is not your average malware, says McElroy. To protect against this ever-changing threat, Cb Defense monitors the stream of events that lead to a ransomware outbreak, uncovering it no matter what variant comes your way.

Like the rest of the companies on this list, Timico says one of the most important things to put in place in dealing with ransomware is bringing senior stakeholders onboard.

Without support from senior colleagues, some of the preventative measure may not be possible to implement.

Timico is also one of the companies which says, “Don’t pay the ransom.”

The company says, even if you do pay the ransom, it’s still highly unlikely you will get your data back, or if you do it will be in an unreadable format.

“It’s not just a case of the data loss and financial cost to the business,” Nabeil Samara, chief digital officer at Timico.

“A ransomware attack can have a debilitating effect, with long-term consequences across the business, with the company even breaching terms of any regulatory bodies that the business holds themselves accountable to.”

A cybersecurity specialist, Wombat grew out of what was claimed to be the largest national research project in the US on combating phishing attacks at the world-renowned Carnegie Mellon University in 2008.

Alan Levine, security advisor to Wombat, says that while it might be tempting to pay the ransom when confronted by ransomware, it is not advisable.

“Paying a ransom is a slippery ,” says Levine. “After all, you can’t count on honour amongst thieves.”

He provides the example of Kansas Heart Hospital, which was hit by ransomware a couple of years ago. The hospital decided to pay the ransom, but then another payment demand was made by the same ransomware.

“It’s essential to plan ahead,” says Levine. “Data loss is too critical for an ad hoc response. Ensure that your most important data is backed up and isolated – ransomware can extend past a single machine to move laterally inside your network and compromise servers and backups, on-premise and in the cloud.

“Cold storage of mission-critical information can offer a failsafe in the face of an extreme attack. And, to stop ransomware from getting into your system in the first place, you need to actively address known vulnerabilities.

“If patching has become a pain point for your organisation, you absolutely need to figure out the source of that pain and work to ease it — no excuses.

“You should also assess your end users’ tendency to fall for a ransomware attack, because each instance is a failure of your cyber defence program. Phishing simulation tools can allow you to do this without exposing your network.”

Ivanti describes itself as a unified IT and security company, and ransomware has, understandably, been one of its main concerns, especially over the past year or so.

Simon Townsend, CTO, Ivanti, says the company has noticed that ransomware attacks follow similar patterns every time: phish user, exploit and infect the system, propagate to more systems, encrypt data on local system, post ransom and get paid.

Townsend says the answer is “layered security”, or “defence in depth”, as he calls it.

“This approach ensures that no single security control is a point of failure,” says Townsend.

“Primarily, patching is the fundamental way to reduce cyber risk because it reduces the attack surface. If your antivirus has to defend against 1,000 vulnerabilities, it will be harder-pressed than if it has to defend against 10.”

Norton is one of the largest and most well-known antivirus and cybersecurity software applications.

We could have picked any of them, and here Norton – which is owned by Symantec – sort of represents all of them. The other well-known ones are Kaspersky, BitDefender, Webroot, FireEye, and so on.

Most cybersecurity-oriented companies and applications like these tend to diligently track threats such as ransomware, providing information as well as software updates, all of which would be useful if you are intent on keeping malware out. Most Popular