Understanding ransomware

  • Ransomware is a sophisticated class of malware that blocks access to files and holds that data hostage until a ransom is paid.
  • Cybercriminals use social engineering, malvertisement, brute force attacks, third-party apps, and other threat vectors to sneak ransomware onto a user's system.
  • The biggest ransomware attack to date, WannaCry, used the EternalBlue exploit to infect more than 300,000 victims in over 150 countries.
  • Ransomware-as-a-service is booming. Some cybercriminals now allow other hackers to use their ransomware in exchange for a cut of the resulting ransom.

Dear FBI, how do I secure my network
against ransomware?

Score an in-depth look into the FBI's recommended practices to prevent, detect, and respond to ransomware attacks, and learn how to safeguard your organization from ransomware.

Grab your free guide now!

DataSecurity Plus,
your solution against

Ransomware is no match for DataSecurity Plus' multi-layered defense strategy.

  • Prevent

    Least privilege for file access Review file permissions regularly to ensure that there are no unwarranted permissions to your sensitive files; if a victim has write permissions on a shared file, ransomware will encrypt those shared files too.
    Visibility on file activity Gain visibility into your file server environment, events, and user behavior to identify malicious activity.

  • Detect

    Ransomware detection Spot sudden spikes in file events like renaming, deletion, or permission changes, which are all telltale indicators of a ransomware attack.
    Real-time alerts Generate instant notifications via email for all unwarranted file modifications and permission changes, and catch extremely time-sensitive incidents.

  • Respond

    Stop the infection Cut off file encryption in the host machine within seconds by promptly shutting down the ransomware-infected machine.
    Quarantine ransomware Isolate the corrupted device from the network to minimize the impact of ransomware on your organization.

  • Analyze

    Forensic investigation Identify infected machines faster using actionable, accurate forensic data. Generate clear and concise audit records as legal evidence.

Quickly uncover ransomware intrusions using ransomware detection software

Detect and shut down potential ransomware attacks with real-time alerts and an automated threat response mechanism.

  • Quarantine malware Quarantine malware
  • Say goodbye to ransomware Say goodbye to ransomware
  • Forensic analysis made simple Forensic analysis made simple
Cut off ransomware attacks.

Stop a ransomware infection within seconds by automatically shutting down an infected machine. Execute custom scripts to perform actions tailored to your organization's needs (e.g. disconnect the user session or lock the user account).

Detect malware in real time.

Speed up incident response with instant email notifications upon detection of malware attacks, especially ransomware, by watching for sudden spikes in file renaming and modification events.

quarantine malware
Defend against WannaCry, Petya, NotPetya, and other instances of ransomware.

Many ransomware variants use a specific file extension when they encrypt data. DataSecurity Plus uses these malicious extensions to identify known ransomware variants and block them instantly.

say goodbye to ransomware
Investigate and analyze.

View in-depth details of any ransomware attacks to identify the client IP of the machine where the malware started spreading. You can use this and other information available to perform root cause analysis.

forensic analysis made simple

Frequently asked questions

  • 1. Can I automatically disconnect a user's session when a ransomware attack is detected?

    DataSecurity Plus allows you to execute your own scripts to perform actions tailored to your organization's needs (e.g. disconnect the user session, lock the user account, or shut down the system).

  • 2. Can I detect future ransomware attacks?

    DataSecurity Plus identifies all ransomware attacks promptly and generates threshold-based alerts that are triggered when a set number of monitored events occur in a defined time span.

  • 3. Can I stop known ransomware like WannaCry and Petya from infecting my whole network?

    Many ransomware variants use a specific file extension when they encrypt data. DataSecurity Plus uses these malicious file extensions to identify known ransomware variants and block them instantaneously.

  • 4. If ransomware infects my network, can I identify where the attack started?

    DataSecurity Plus lets you identify the client IP of the machine where the attack began. You can use this and other information to perform root cause analysis.

  • 5. DataSecurity Plus just alerted me that possible ransomware activity has been detected, what do I now?

    If that's the case, then DataSecurity Plus should have already shut down the potentially infected system. From here, you should analyze the audit data to identify which ransomware variant it is and start planning your strategy from there.

  • 6. What if I can't find an answer to my question here?

    No problem! Just fill out this form with as much information as possible and we will contact you with the appropriate steps.

An all-in-one solution packed with powerful features

Talk to us

Questions? Let's talk.

Have a question about features, trials, or licensing?Go ahead, ask us anything.

Thanks for your interest. We'll contact you shortly.
  • Please enter a valid Business email address
  • Please enter a valid Question
  • By clicking 'Talk to us', you agree to processing of personal data according to the Privacy Policy.

Get DataSecurity Plus easily installed, configured
and running within minutes.

One of our solution experts will get in touch with you shortly.

Email Download Link