Are You in Position to Avoid Being Held Hostage? - Attivo Networks

The continued addition of operational technology (OT) into connected networks is playing a key role in expanding the threat landscape. Unfortunately, today’s sophisticated hackers see this evolution as an opportunity to deploy new ways to attack manufacturers.

To counter Ransomware 2.0, Attivo Networks recently announced new capabilities for its Endpoint Detection Net (EDN) solution that improve file protection by concealing and denying access to production mapped shares, cloud storage, and selected files or folders. By hiding this information, the EDN solution leaves the malware able to engage only with the decoy environment and dramatically reduces the risk of a successful data compromise. Many organizations continue to struggle with the cost and impact of widespread ransomware attacks, but derailing these attacks early can save organizations from those consequences.

Traditional endpoint solutions, like Endpoint Protection Platforms (EPP) and Endpoint Detection and Response (EDR), use signature matching or behavioral anomaly detection to identify malicious binaries and block the execution of ransomware to stop the infection. Unfortunately, with human attackers using advanced methods, many of their techniques can evade these solutions.

“Advanced human-controlled ransomware can evade endpoint security controls and after initial compromise, move laterally to cause maximum damage, do data exfiltration and encrypt data,” said Srikant Vissamsetti, senior vice president of engineering, Attivo Networks. “This advanced protection by the Attivo EDN solution disrupts ransomware’s ability to move laterally and prevents unauthorized access to data by concealing production files, folders, removable disks, network shares, and cloud storage.”

Protecting Operational Technology

Carolyn Crandall, chief deception officer at Attivo, tells IndustryWeek that securing connected operational technology (OT) devices against external and insider threats has its unique set of challenges. “It is not always possible to load security software onto these systems and they may be running on old firmware that cannot be patched. There may also be situations where they are not allowed to modify them for safety reasons as it could alter operating behaviors,” says Crandall.

Read the full article for more recommendations in IndustryWeek.
