ExtraHop Enables Proactive Security to Stop Ransomware in its Tracks

Targeted New Behavioral Analytics Solution Delivers Real-Time Detection and Response for Ransomware, Enabling IT and Security Departments to Detect, Investigate, and Mitigate Ransomware Attacks in Minutes

SEATTLE, WA - March 1, 2016 – ExtraHop, the global leader in real-time wire data analytics for IT intelligence and business operations, today announced a targeted new solution to help organizations proactively detect and track malicious ransomware behavior in real time, identify and protect vulnerable resources before they can be compromised.

According to a report from Kaspersky Labs, in 2015 ransomware attacks doubled and ransomware programs were detected on over 750,000 computers of unique users. In the same time period, nearly 200,000 computers were targeted by encryption ransomware. For targeted organizations, the cost goes far beyond the ransom. Lack of access to critical files can effectively shut down business operations, affecting workflows, productivity, and the bottom line. In healthcare, lack of access to critical patient information can directly impact care.

The ExtraHop platform analyzes all data in flight—client, network, application, and infrastructure activity—providing unmatched visibility into all East-West and North-South traffic to deliver the richest source of real-time security insights.

The ExtraHop ransomware solution enables a positive and proactive security model, putting the power of pattern-based analysis and machine learning to work against malicious actors. ExtraHop now fills the gap left by security platforms that protect the perimeter, scan for attack signatures, or analyze log files – methods that have proven to be ineffective at early detection and remediation. ExtraHop customers are already successfully using the Ransomware Solution to identify and stop infections before sensitive corporate network file servers and storage systems can be impacted.

  • Quickly detect anomalous behavior that is typically associated with ransomware attacks such as lateral movement across systems or irregular storage read/write operations.
  • Prevent the spread of malicious agents through customized alerting designed to notify incident response teams within minutes of a ransomware infection and provide clear guidance on the incident.
  • Remediate the affected systems by forensically investigating the source of the attack down to the client machine and URI of the external malware host.

"Traditional security solutions focus on shoring up the perimeter, relying on signatures to identify threats," said Erik Giesa, SVP of Marketing at ExtraHop. "The incredible acceleration of ransomware attacks should serve as a wake-up call that this is not enough. IT needs to get proactive about understanding its infrastructure and dependencies, and watching not just North-South but also East-West traffic. With the barbarians already inside the walls the critical requirement today is comprehensive behavioral visibility and continuous surveillance to understand where they've gained access and what they are doing. Only then can an organization begin to take a more proactive and positive security stance."

To learn more about how ExtraHop is being used to defeat ransomware attacks, check out the case study: Leading Health Services Provider Thwarts Ransomware Attack with ExtraHop. Read the datasheet for more information on the ExtraHop ransomware bundle.

To experience the power of the ExtraHop platform for yourself, explore the ExtraHop interactive online demo.

About ExtraHop

Cyberattackers have the advantage. ExtraHop is on a mission to help you take it back with security that can't be undermined, outsmarted, or compromised. Our dynamic cyber defense platform, Reveal(x) 360, helps organizations detect and respond to advanced threats—before they compromise your business. We apply cloud-scale AI to petabytes of traffic per day, performing line-rate decryption and behavioral analysis across all infrastructure, workloads, and data-in-flight. With complete visibility from ExtraHop, enterprises can detect malicious behavior, hunt advanced threats, and forensically investigate any incident with confidence. ExtraHop has been recognized as a market leader in network detection and response by IDC, Gartner, Forbes, SC Media, and numerous others.

When you don't have to choose between protecting your business and moving it forward, that's security uncompromised. Learn more at www.extrahop.com.

© 2022 ExtraHop Networks, Inc., Reveal(x), Reveal(x) 360, Reveal(x) Enterprise, and ExtraHop are registered trademarks or marks of ExtraHop Networks, Inc.

Press Contact

Ashley Stewart

ExtraHop Networks