Security Market Segment LS
Tuesday, 30 June 2020 23:16

Attivo adds Ransomware 2.0 defences

Attivo Networks senior vice-president of engineering Srikant Vissamsetti Attivo Networks senior vice-president of engineering Srikant Vissamsetti

Cyber deception specialist Attivo Networks has added ransomware protection to its Endpoint Detection Net (EDN) product.

Attivo's EDN now improves file protection against human-operated ransomware by concealing and denying access to production mapped shares, cloud storage, and selected files or folders.

This limits the malware to the decoy environment, reducing the risk of a successful data compromise.

Traditional endpoint protection or endpoint detection and response products work by signature matching or behavioural anomaly detection, which are open to evasion by human attackers.

According to Attivo, such human-operated "Ransomware 2.0" attacks start with APT-style tactics designed to bypass traditional security controls and gain an initial foothold. From there, the attacker conducts network discovery, probes Active Directory, moves laterally, and identify high-value assets to target by encrypting critical data or taking control of other assets.

According to recent Mandiant threat intelligence research, in 75% of cases at least three days passed between the first evidence of malicious activity and ransomware deployment.

EDN, within the Attivo Networks ThreatDefend platform, obscures production files, folders, removable disks, network shares, and cloud storage from attackers; detects attempted exploitation and encryption of decoy file shares (when used in conjunction with BOTsink deception servers); slows attackers by distracting them with high-interaction deception techniques; detects credential theft and attempted enumeration of local administrator accounts and Active Directory for privilege escalation; and provides native integrations that deliver automated isolation and reduce response time.

Attivo Advanced Protection Disrupts Ransomware 2.0

More information is available here.

“Advanced human-controlled ransomware can evade endpoint security controls and after initial compromise, move laterally to cause maximum damage, do data exfiltration and encrypt data,” said Attivo Networks senior vice-president of engineering Srikant Vissamsetti.

“This advanced protection by the Attivo EDN solution disrupts ransomware’s ability to move laterally and prevents unauthorised access to data by concealing production files, folders, removable disks, network shares, and cloud storage.”

EDN's ransomware protection capabilities are available immediately.


Recently iTWire remodelled and relaunched how we approach "Sponsored Content" and this is now referred to as "Promotional News and Content”.

This repositioning of our promotional stories has come about due to customer focus groups and their feedback from PR firms, bloggers and advertising firms.

Your Promotional story will be prominently displayed on the Home Page.

We will also provide you with a second post that will be displayed on every page on the right hand side for at least 6 weeks and also it will appear for 4 weeks in the newsletter every day that goes to 75,000 readers twice daily.


talentCRU FREE WEBINAR INVITE - Cybersecurity in COVID-19 times and beyond

With the mass transition to remote working, our businesses are becoming highly dependent on the Internet.

So, it’s no surprise that we’ve seen an increase in cyberattacks.

However, what’s more concerning is that just 51% of technology professionals are highly confident that their cybersecurity teams are able to detect and respond to these threats.

Join us for this free online roundtable where our experts discuss key cybersecurity issues IT leaders are facing during the pandemic, and the challenges that will likely emerge in the coming years.


Stephen Withers

joomla visitors

Stephen Withers is one of Australia¹s most experienced IT journalists, having begun his career in the days of 8-bit 'microcomputers'. He covers the gamut from gadgets to enterprise systems. In previous lives he has been an academic, a systems programmer, an IT support manager, and an online services manager. Stephen holds an honours degree in Management Sciences and a PhD in Industrial and Business Studies.



Recent Comments