Resources

Learn more about Ransomware & other threats to your data

The rise of ransomware is causing enormous global damage, infecting over 121 million companies per year and costing individuals and companies billions.



What Is Ransomware?

Malware that locks your device/data

Ransomware is defined as vicious malware that locks users out of their devices or blocks access to files until a sum of money or ransom is paid. Ransomware typically gets installed on a user’s workstation (PC or Mac) through a social engineering attack in which the user is tricked into clicking on a phishing link or opening an attachment.


How does ransomware work?

Locking valuable files

Once ransomware is on a victim's computer, it automatically searches for files to encrypt while spreading its reign of havoc to associated networks (putting entire companies at risk from a single breach). When a victim attempts to access one of these encrypted files, they are blocked and given directions on how to pay the ransom to unlock the files. Ransoms (ranging from hundreds to millions of dollars) are often paid using hard-to-trace cryptocurrencies like Bitcoin. Businesses infected with ransomware are often plagued with temporary or permanent loss of sensitive or proprietary information, often catastrophic disruption to operations, hefty expenses incurred restoring files and systems, and harm to the organization’s reputation when news of the hack is undoubtedly released/leaked to the press.


Post-Attack

Recovery Possible?

Unfortunately, once files are encrypted, the only way to get them back is to restore a backup or pay the ransom. However, new ransomware variations now often corrupt unsecured backups before the victims know what hit them. In addition, 40% of victims who pay a ransom never get their data back. Would you trust a criminal? With Ransom Data Guard, not only are backups secured against attacks, but your files are hidden so they are not locked in the first place. This proactive approach keeps your data safe.


Protecting Against Ransomware

Are you ready for a ransomware attack?  The question is not if you will be attacked, but when.


Are you backing up?

Back up your data. Assuming you have backups available, recovering from a ransomware attack is as simple as wiping and reimaging an infected computer (something Ransom Data Guard can do with 1-click). Given their pivotal nature, it is key that data backups are stored on a secured cloud server with multi-factor authentication and high-level encryption. Local backup redundancies should also be in place.


Are you protecting your data?

Once ransomware takes hold of your computer and its files, reversing the attack can be an arduous task if you are not prepared. Using solutions like Active Cypher’s Ransom Data Guard and File Fortress (built to secure business data), you can protect your data by making it invisible to ransomware and encrypting it end-to-end.




Is your computer updated?

Patch and update your software. Ransomware often relies on exploit kits to gain illegal access to a computer or network. As long as your computer’s software is up to date, exploit-based ransomware (e.g. GandCrab) can’t hurt you. Outdated and obsolete software should also be avoided, as its vulnerabilities will persist. While zero-day threats will continue to exist, automatic updates help keep you ahead of others.



Know thy enemy

Ransomware to know

Meet some of the most infamous ransomware variants


WannaCry

As its name suggests, WannaCry’s unfortunate success has led to much grief. Starting in May 2017, WannaCry has infected over 300,000 computers in practically every country in the world by taking advantage of an unpatched Microsoft Windows vulnerability (MS17-010). While a patch was released, some estimate millions of computers remain vulnerable.

GandCrab

Discovered at the end of 2018, GandCrab is part of a Ransomware-as-a-Service (RaaS) deployment and has quickly become a very commonly seen ransomware threat. The developers of GandCrab announced that they were retiring after the ransomware made $2 billion in total, netting them $150 million personally.

Sodinokibi

Sodinokibi is allegedly distributed by attackers affiliated with those that distributed the infamous GandCrab ransomware. Perhaps hinting at a level of state-sponsorship, Sodinokibi avoids infecting computers from Iran, Russia, and other countries that were formerly part of the USSR.

RobbinHood

Despite its name, RobbinHood ransomware is not stealing from the rich to give to the poor. Instead, the malicious code, which is gaining popularity in the black hat world, targets enterprise and critical government infrastructure, feeding ransom to itself.


Types of Ransomware

Discover the different permutations of ransomware and how they could infect your computer.


Scareware

A common rogue security software or tech support scam, often seen as a pop-up message claiming that malware was discovered and that the only way to get rid of it is to pay up. If the victim does nothing, they’ll continue to be plagued with annoying pop-ups, but their files will remain essentially safe.


Screen Lockers

When lock-screen ransomware infects a computer, the victim will be frozen out of their PC entirely. Upon starting up their computer, a window will appear, often paired with a fake US Department of Justice or FBI seal, stating that illegal activity has been detected on their computer and demanding that a fine be paid.


Encrypting Ransomware

By far the most feared and common form of ransomware. Once it is within a victim’s computer, the victim’s files are encrypted and a demand for payment is made. Unless the ransom is paid, retrieval of the files is impossible (but remember, 40% of victims do not receive their documents back even after paying a ransom).




Statistics

Ransomware is unfortunately a growing threat.


67% of ransomware is delivered by email¹

151.9m: number of 2019 breaches²

40% of victims who pay never regain access to their data³

$75 billion: yearly cost of ransomware to businesses⁴

75% of companies infected with ransomware were running up-to-date endpoint protection⁵

50% of a surveyed 582 cybersecurity professionals do not believe their company is ready to repel a ransomware attack⁶


Statista¹  SonicWall²  IDC Report³  Datto⁴  Sophos⁵  Pwnie Express⁶



History of Ransomware

Born in the early days of computing, the use of ransomware has exploded since the WannaCry attacks in 2017.


Early Days

The first known ransomware was PC Cyborg (aka AIDS), developed in the late 1980s. PC Cyborg encrypted all files in the C: directory after 90 reboots, subsequently demanding the victim renew a license by sending $189 by mail to PC Cyborg Corp. The encryption used was simple enough to reverse, so it was not seen as a major threat and was not widely utilized.


The Rise of Encryption

In 2013, CryptoLocker reintroduced encrypting ransomware to the world. CryptoLocker used advanced encryption paired with remote key storage to make it virtually impossible for victims to get their data back without paying hefty ransoms. This type of encrypting ransomware is widely used today, as it has proven to be an incredibly profitable scheme for cybercriminals. Large-scale outbreaks of ransomware, such as WannaCry and Petya, used encrypting ransomware to prey on individual victims and businesses across the globe.


Newest Threats

Criminals behind the Sodinokibi ransomware (an alleged offshoot of the infamous GandCrab) have increasingly used managed service providers (MSPs) to spread malware. In mid-2019, hundreds of dental offices around the U.S. found they could no longer access their patient records. Attackers used a medical records software company (the MSP) to directly infect over 400 dental offices through the third-party software.




Questions?

Frequently Asked Questions


The simple answer is no.  While some anti-virus solutions protect against older versions of ransomware, this protection is done “after the hack”.  The only way to defeat ransomware is to not allow it to take hold of your files in the first place.

Ransom Data Guard takes a proactive approach to defending against ransomware by ensuring that your data always remains safe.  Unlike other solutions, Ransom Data Guard does not operate “after the hack” nor require user interaction / IT oversight.

Ransomware has become an enormous business perpetrated by both organized crime and nation-state actors.

Organized criminals are motivated by extorting as much money as possible. Increasingly they distribute their malware as ransomware kits that anyone can use – even if they don’t have much technical expertise. The ransomware as a service (RaaS) model sadly has been very effective at spreading their malicious software. The criminals facilitate the payments and decryptions while taking a percentage of the collected ransom.

Nation-states have utilized ransomware as a revenue source and as a way to disrupt the economic and governmental well-being of their rivals. The large resources a nation-state has at its disposal to mount such attacks make them especially disruptive.

The majority of popular ransomware strains utilize such strong encryption that decrypting files is unfortunately not possible. In limited cases, older ransomware families (Rakhni, Agent.iih, Aura, and a few others) have decryptors available.

With Ransom Data Guard, you don’t need to worry about ransomware even taking a hold in your computer, let alone encrypting your data.  Protection is automated and far-reaching.  Ransomware is deflected.

Send any questions via our Support Form.  Our team will reach back ASAP!

Every 5 Seconds There Is A Ransomware Attack

40% of victims who pay a ransom never regain access to their data. Don't be a victim.


File Cloaking


Make your files invisible to ransomware using proprietary security algorithms. Hackers can’t take what they can’t see.

Cloud Backup & Restore

Create a secure backup of your files on the cloud allowing for seamless restoration of your data in case of disruption.

Secure Email Share

Share your files securely with friends, family, colleagues, and clients. No password sharing is required – we do everything on our end to provide you with the most convenient and secure solution for file sharing. View only and editable modes allow you to customize the level of access.

Automated Data Restoration

Should your system be attacked, Active Cypher automatically restores your files from the cloud backup or cache – immediately reversing the effects of any attack.

A.I. Threat Learning

Using artificial intelligence, Active Cypher monitors your computer in real-time – examining the process stack to identify activities that exhibit behavior patterns that are typically seen in ransomware attacks. Artificial Intelligence-powered sensors are deployed with aggressive anomaly detection models to proactively identify suspicious executables.

One-Click Cloud Restore

One-Click Cloud Restore allows you to revert your computer back in time and remove all known and unknown malware programs from your computer while maintaining the sanctity of data.

Lightweight yet powerful

With an extremely small client engine using limited memory, Active Cypher makes decisions about critical files with virtually no CPU or disk (IOPS) overhead.

Document Collaboration

Work securely together on projects. Collaborate with coworkers while maintaining the ultimate security of your files.

Large File Support

From heavy movie files to engineering renderings, Active Cypher provides protection to many unprotected classes of files.

Zero Day Threat Updates

Receive the latest updates on zero-day threats that take advantage of previously unknown vulnerabilities.

Automatic Threat Analysis

Automatically analyzes activity performed by suspicious software on your system. If there is potential ransomware running, you will be notified as the file is removed.

End-to-End Encryption*

Secure data wherever it goes with advanced end-to-end encryption. Available with AES 256 or proprietary Quantum Encryption Standard (QES). Native support for thousands of file types.

GDPR/CCPA Compliance*

Governments have made it clear: encrypt your data or be penalized. Active Cypher helps clients achieve auditable compliance within an afternoon.

Behavioral Detection

Using artificial intelligence, Active Cypher monitors your computer in real-time – examining the process stack to identify activities that exhibit behavior patterns that are typically seen in ransomware attacks.

Remote Worker Security*

On a corporate network, IT teams can easily secure employee computers and company data. This becomes harder to accomplish when an employee retrieves and shares information from outside the network – where devices (company and personal) are exposed to cyberattacks that can steal login credentials or encrypt company data with ransomware.

Quantum-Resilient Encryption*

Using proprietary, innovative technologies that leverage new approaches and unique performance accelerants, Active Cypher developed the most powerful quantum-resilient encryption. Our bit-shifting/bit-stream cipher algorithms were designed to be impervious to brute force attacks based on integer-based prime factorization techniques which have been documented in the quantum computing infosec world.

Secure Private Cloud*

Leveraging a deep integration with Azure and Active Directory, Active Cypher deploys your own secure private cloud. Synchronizes with Office 365 and Azure Active Directory cloud services. Requires no additional management or programs, nor the knowledge and exchange of keys, certificates, passwords, or secrets.

Hybrid/Multi-Cloud Support*

Real-time data security. No dilution of file governance across cloud storage endpoints. Remote work protected.

Intelligent Threat Response*

Artificial Intelligence (AI) driven threat protection and incident response prevent the spread of breaches inside any data center and cloud.

Automated Zero-Trust Architecture*

Never trust, always verify. Identity-centric attributes obtained from Azure Active Directory metadata and evaluated with risk-based escalations.

Crypto-Agility*

Runs native with AES 256 or proprietary Quantum Encryption Standard (QES). Newer encryption library standards available to be added.

IT/Compliance Oversight Tools

Single pane of glass compliance measures and risk management in support of the client’s requirements.