RansomCare (RC) by BullWall - Ransomware Isolation
Autor: BullWall A/S
RansomCare(RC) by BullWall is a 24/7 automated solution proven to stop ransomware outbreaks
In a scenario where a ransomware has already bypassed your existing security solutions, it is now effectively “whitelisted” to infiltrate your business, causing as much disruption as possible by encrypting as many of your files as it can in the shortest possible time. Ransomware is by far the most expensive and disruptive form of malware to hit organizations today.
CAN YOU ANSWER THE BELOW QUESTIONS EFFECTIVELY?
- How do you see which files are encrypted and where they reside?
- How do you identify which user and which device initiated the attack?
- How do you stop the ongoing encryption immediately before significant damage occurs and how long will it take to restore files at what cost?
- Can you accurately report GDPR if thousands of files have been lost to illegitimate encryption?
WHAT DO WE DO?
- We DETECT known and unknown threats
- We RESPOND by alerting and shutting down
- We help RECOVER your data
- We provide REPORTS for GDPR and compliance
RC provides a revolutionary Last Line of Defense against the threat from ransomware and delivers a 24/7 automated response. It does not matter which user, or which device triggered the outbreak. Nor does it matter if it is a known or unknown ransomware outbreak, or if the outbreak started on an endpoint, a mobile phone, an IOT device, via email, website drive-by-attack, USB key, or were deployed by someone inside your organisation.
RC detects on the heuristics of file creations and changes. No matter which attack-surface the ransomware used to bypass existing security solutions and which device started the encryption (PC/Windows, MAC, Linux, Android, Firmware in cameras, multi-function printers, RDP Brute Forced etc.), RC will always detect when files are being encrypted and once an outbreak starts, RC prevents the majority of files from being encrypted.
RC is completely agentless, constantly looking for signals / unusual behaviors which are common in connection with Ransomware outbreaks (encryption, speed of file changes etc. on the files where none of your current protection operates).
RC empowers IT teams to respond to outbreaks, shut them down instantly, recover quickly, and report the information back to the DPO while minimising disruption and cost.
Ransomware is by far the most expensive and disruptive form of malware to hit organizations today. Key facts around these types of attacks are:
- A Ransomware attack happens every 15 seconds
- There are 6000 sites on the dark web selling Ransomware as a service
- Average ransom asked for RYUK is USD 250,000 to get your data back
- 6-8,000 files per minute are encrypted