Skip to content
  • Fortra-Logo-TM-SkyBlue
  • File Sharing & DRM Blog
    • Digital Rights Management
    • Secure File Sharing & Compliance
    • Intellectual Property Protection
  • Partners
  • Company
    • About Us
    • Leadership
    • Careers
    • Contact Us
  • Support
  • Contact
  • Search
yH5BAEAAAAALAAAAAABAAEAAAIBRAA7
  • Why Vera?
  • Product
  • Solutions
    • By Industry
      • Manufacturing
      • Media & Entertainment
      • Financial Services
      • Venture Capital & PE
      • Technology
      • Healthcare
    • By Technology
      • DRM
      • Data Classification
      • DLP
      • Secure File Transfer
      • CASB
      • Office365
    • Column 3
  • Customers
  • Resources
  • Pricing
  • Book a Demo
    Book a Demo
Vera  »  File Sharing & DRM Blog  »  Secure File Sharing & Compliance   »   Ransomware Protection from lockbit ransomware
Back to File Sharing & DRM Blog
PrevPrevious Post
Next PostNext
yH5BAEAAAAALAAAAAABAAEAAAIBRAA7

Ransomware Protection from lockbit ransomware

  • October 16, 2020
  • Web Master

Lockbit ransomware on the loose

If security and business leaders did not already have enough to worry about in an unprecedented 2020, add cybercriminals’ upping the ante with double-extortion ransomware campaigns to the list. Ransomware protection for sensitive data is increasingly becoming a top priority for most enterprise information security teams. No longer content to just forcibly encrypt a victim’s files, sit back and wait for ransom payments before restoring access, operators of the Lockbit ransomware crew are setting up public “leak sites” to tease snippets of the files they have both encrypted and stolen. 

This is cybercrime’s version of a “belt-and-suspenders” approach to extortion: If a victim refuses or hesitates to pay to unlock their files and restore productivity, the fear of doxxing and leaking could compel them to pay faster, bigger ransoms. This becomes more likely when the nature of the data could lead to messy reputational, legal or regulatory crises for the victim, if the data is exposed.

It is hard to imagine criminals honoring a pledge to actually destroy stolen files – their leverage – if you pay them to do so. Yet, there are wider accounts of payments premised on this which are both alarming and unsettling. After all, much like giving a schoolyard bully your lunch money – what is to keep an obviously unscrupulous attacker from taking the bitcoin, deciding not to delete your files and simply extorting you again?

Deadlines, data leaks and other pressure tactics also help ransomware operators stay ahead of digital forensics and incident response investigations. Often a thorough DFIR tear-down is necessary to ensure an intruder has been conclusively expelled from your environment. Attackers realize this, so forcing a faster payment in the short term is their calculated bet on coercing a payout before incident responders have enough time on the playing field. Ideally, for the adversary, a victim pays and it is “case closed” for a time, while the attacker quietly persists on the inside and reserves the option of launching an attack all over again.

As a security practitioner in financial services and other industries before joining VERA sales engineering , I have been fighting evolving ransomware in the wild for years. In 2012, these attacks had not been dubbed “ransomware” yet and were usually missed by anti-malware tools. Back then, my teams caught them in the act when we looked for anomalous processes being executed on, for example, Microsoft Word files at scale. Hunting threats in this manner is a good reminder of the need to know exactly where your assets are, and keep this map updated faster than adversaries can.

 

Follow and ransomware protect your data – before your attackers do 

 

There is plenty of debate on ransomware’s “To Pay Or Not to Pay” dilemma – but how do we avoid that wrenching decision in the first place? What keeps an organization from reaching the tipping point where paying feels like the only way out? Boil everything down, and it is all about who holds the high ground of file control – what we specialize in delivering at VERA. 

Our file-focused security platform is an ideal defense for keeping critical files safe from ransomware’s effects, particularly for organizations that cannot realistically pull back from sharing data to collaborate across departments and third-parties, each with different workflows, devices and security . 

 

Ransomware protection of your files when ransomware arrives

 

First, when you create and manage files in VERA’s platform, they look and feel like normal files to you and teammates. However, our technology architecture applies an HTML wrapper to files, making your sensitive data appear as HTML files to malicious code detonating on a network. This aspect of our platform adds an automatic measure of immunity and resilience, because many ransomware variants are not designed to hunt down HTML files in the first place, prioritizing traditional document, spreadsheet and operating system file extensions, instead. 

Second, VERA also flexibly supports the widest range of files possible, from confidential slide decks showing forecasts in financial services to complex design blueprints containing the intellectual property powering networked and robotics-driven manufacturing of apparel, semiconductors or machinery. If you currently rely on different, piecemeal collaboration and file management platforms to handle these files, you could be inviting needless risk because ransomware operators are out to hit the most valuable (complex and near irreplaceable) files and their back-up paths, first. Losing an entire production line, HR systems or a near-completed film project – because of one exposed file – is unthinkable for our customers, which is why they choose VERA as the centralized foundation of their creativity, collaboration and resilience strategies.

Cybercriminals always bet on the complexity of connectivity and chaos the moment something bad happens, whether an attacker’s goal is simply to collect a ransom – or do something else nefarious behind a loud “Ransomware!” smokescreen. Game planning for every attack scenario becomes exhausting. No organization can predict every tomorrow, but as criminals relentlessly push the extortion envelope, those of us protecting assets have to invest in defense at every scheme’s common thread – getting control of files, in time. Contact us to learn how VERA can help your with ransomware protection against Lockbit ransomware and other variants

Recent Posts

  • PII Compliance Checklist: How to Protect Private Data January 26, 2023
  • How to Prevent Third-Party Vendor Breaches January 17, 2023
  • How to Prevent Data Loss in 10 Different Ways December 19, 2022
  • The Complete Guide to Brand Protection December 15, 2022
  • Top Benefits of Cloud-Based Access Control November 30, 2022

Learn where DRM fits in your data protection strategy

Get started

Keep your most sensitive data in the right hands​

Schedule a demo
PrevPrevious Post
Next PostNext

Featured Blog

  • July 14, 2021
Heads up! New Canadian Data Privacy Act is Around the Corner
  • January 14, 2021
Enhancing Zero Trust beyond identity to data itself
  • January 14, 2021
How to Manage Data Risk in the Finance Function

News

Press

Events

Awards

File Sharing & DRM Blog

Digital Rights Management

Secure File Sharing & Compliance

Intellectual Property Protection

Follow Us

Twitter Linkedin-in Facebook-f Youtube
Copyright © Fortra, LLC and its group of companies. All trademarks and registered trademarks are the property of their respective owners. Terms of Service |  Privacy Policy  |  Cookie Policy  | Contact Us