LightCyber, a leading provider of Behavioural Attack Detection solutions and Ayehu Software Technologies, a leading provider of enterprise-grade automation and orchestration solutions for IT and cyber security incident response automation, has announced an integration between the LightCyber Magna platform and the agent less Ayehu eyeShare solution to both detect the attempted network spread of ransomware and automatically quarantine the affected computers, shutting down the attack.
A recent interagency report from multiple Federal government agencies, including the CIA, NSA and Department of Homeland Security, shows that since 1 January 2016 there have been over 4,000 reported ransomware incidents per day in the US, over three times the number of daily incidents reported in 2015. Businesses and organisations have been crippled by network outbreaks of ransomware. The Hollywood Presbyterian Medical Centre reportedly lost more than $100,000 per day and could not serve urgent medical needs due to an inability to perform such computationally-intensive services such as CT scans because of being locked down due to a ransomware infestation.
“Ransomware is a scourge on the life blood of businesses and vital services once it moves beyond a single infected computer to infect all computers and storage devices on a network,” said David Thompson, senior director of product management, LightCyber. “LightCyber Magna detects targeted or opportunistic attempts to spread ransomware from a single computer across the network. With this new integration, Magna alerts eyeShare which can then automatically quarantine the infected computer.”
“Stopping the network spread of ransomware requires quick, decisive action based on accurate detection,” said Guy Nadivi, director of business development, North America, Ayehu Software Technologies. “Now a confirmed alert from Magna can trigger eyeShare to orchestrate an Automated Security Playbook policy designed for swift remediation that can stop the attempted network spread of ransomware in its tracks.”
The LightCyber Magna platform thwarts ransomware attacks by detecting:
- Communication from ransomware to command and control servers
- Encryption of files on network drives and file shares
- Reconnaissance and lateral movement activity in spreading ransomware across the network to other computers and storage devices
- Ransomware processes on hosts using LightCyber’s unique Pathfinder agentless endpoint interrogation and the Magna Cloud Expert System for malware analysis
Once LightCyber Magna has detected a ransomware attack, it sends an alert to Ayehu eyeShare. Ayehu eyeShare can be configured to automatically isolate or quarantine the compromised machine to contain the attack and prevent network-wide damage.
LightCyber Magna and eyeShare from Ayehu Software Technologies are immediately available.