The continued addition of operational technology (OT) into connected networks is playing a key role in expanding the threat landscape. And unfortunately, today’s sophisticated hackers see the evolution as an opportunity to deploy new ways to attack manufactures.
To counter Ransomware 2.0, Attivo Networks recently announced new capabilities to its Endpoint Detection Net (EDN) solution to improve file protection by concealing and denying access to production mapped shares, cloud storage, and selected files or folders. By hiding this information, the EDN solution limits the malware’s choice to engage only with the decoy environment and dramatically reduces the risk of a successful data compromise. Many organizations continue to struggle with the cost and impact of widespread ransomware attacks but derailing these attacks early can save organizations from those consequences.
Traditional endpoint solutions, like Endpoint Protection Platforms (EPP) and Endpoint Detection and Response (EDR), use signature matching or behavioral anomaly detection to identify malicious binaries and block the execution of ransomware to stop the infection. Unfortunately, with human attackers using advanced methods, many of their techniques can evade these solutions.
“Advanced human-controlled ransomware can evade endpoint security controls and after initial compromise, move laterally to cause maximum damage, do data exfiltration and encrypt data,” said Srikant Vissamsetti, senior vice president of engineering, Attivo Networks. “This advanced protection by the Attivo EDN solution disrupts ransomware’s ability to move laterally and prevents unauthorized access to data by concealing production files, folders, removable disks, network shares, and cloud storage.”
Protecting Operational Technology
Carolyn Crandall, chief deception officer at Attivo, tells IndustryWeek that securing connected operational technology (OT) devices against external and insider threats has its unique set of challenges. “It is not always possible to load security software onto these systems and they may be running on old firmware that cannot be patched. There may also be situations where they are not allowed to modify them for safety reasons as it could alter operating behaviors,” says Crandall.
Get Visibility Into Privilege And Service Account Exposure
For a limited time, Attivo Networks is providing free Active Directory Security Assessments to demonstrate how ADAssessor provides unprecedented and continuous visibility to AD vulnerabilities.
Free use offer of our Award-winning security solution to prevent attackers from lateral movement, credential theft, and privilege escalation, fast and easy.
This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.