Data Guard
The ultimate solution to avoid insider mistakes while thwarting ransomware. Our Data Guard solution is an Enterprise-level security that is both easy to use and affordable.
device based
Secure A Chain Of
Data Custody
Chain of data custody should be maintained to ensure admissibility and evidence integrity.
Clients utilizing Data Guard are able to fulfill chain of custody requirements with complete transparency and auditability of file activity. AI-powered sensors capture and log events such as who accessed a file, at what time, and whether a file was modified, downloaded and/or shared.
Make Your Files Invisible
To Ransomware
If they can see it, they will attack it. Block ransomware and other cyberthreats from locking your company data and personal file, demanding a hefty payment. Data Guard makes sure your files are hidden from ransomware and proactively fights threats at every stage of the attack chain. Your data protection is our top priority.
Average hourly cost of downtime*
Number of 2019 Breaches**
of organizations were attacked over the past 3 years*
Powerful. Automated. Trusted.
The ultimate solution to avoid insider mistakes and cyberthreats. Enterprise-level security that is both easy to use and affordable.
Ensure your files protection. Get our unmatched Data Guard solution now.
Why Data Guard?
Defend your Intellectual Property
Track and protect your files even after they are emailed. Maintain advanced control through Secure File Share:
• Control how files are used.
• Timestamp when file was opened.
• Log time spent on each page.
• Know location of every file via IP geolocation.
Limit Duration of Access
In many cases, data shouldn’t be shared forever.
• Limit how long a file remains viewable.
• Shared files can be recalled instantaneously.
• Access to shared files can be revoked at any time, whether in an inbox or opened on a web browser.
Increased Protection and Governance
Create an auditable trace of who accessed your data with AI-powered sensors.
• Monitor suspicious activity.
• Maintain compliance with GDPR, CCPA, and other consumer protection laws.
One of the most infamous ransomware variants
As its name suggests, WannaCry’s unfortunate success has led to much grief. Starting in May 2017, WannaCry has infected over 300,000 computers in practically every country in the world by taking advantage of an unpatched Microsoft Windows vulnerability (MS17-010). While a patch was released, some estimate millions of computers remain vulnerable.
EternalBlue, an exploit that was allegedly developed by the United States National Security Agency (NSA), was released publically by a group of hackers called the Shadow Brokers. EternalBlue allowed WannaCry to spread rapidly, with DoublePulsar being the ‘backdoor’ installed on the infected computers.
The $2 billion ransomware
Discovered at the end of 2018, GandCrab is part of Ransomware-as-a-Service (RaaS) deployment and has quickly become a very commonly seen ransomware threat. GandCrab is the first ransomware to demand payment in DASH cryptocurrency and while utilizing the “. bit” top-level domain (TLD). This TLD is not sanctioned by ICANN and it, therefore, provides an extra level of secrecy to the attackers. GandCrab uses AES-256, RC4, and RSA-2048 encryption for encrypting AES keys, the victim’s data, and Network traffic data respectively.
Perhaps with a sick level of obnoxiousness, the developers of GandCrab boasted that they were shutting down their operations in January 2019 and retiring after their ransomware made $2 billion in total, netting them $150 million personally. The crooks behind GandCrab actively updated their RaaS, keeping up with new security patches. Will GandCrab ever come out of retirement?
State-sponsored ransomware?
Sodinokibi is allegedly distributed by attackers affiliated with those that distributed the infamous GandCrab ransomware. Perhaps hinting at a level of state-sponsorship, Sodinokibi avoids infecting computers from Iran, Russia, and other countries that were formerly part of the USSR. The ransomware uses an Elliptic Curve Integrated Encryption Scheme (ECIES) for key generation and exchange (Elliptic-curve Diffie-Hellman key exchange algorithm).
Sodinokibi uses AES and Salsa20 algorithms to encrypt session keys and user’s files respectively. AES is also used to encrypt network data that is sent to the control server. The ransomware typically demands from the victim around 0.32806964 BTC (≈ $2,500) to regain access to the encrypted files.
No charity with this RobbinHood
Despite its name, RobbinHood ransomware is not stealing from the rich to give to the poor. Instead, the malicious code, which is gaining popularity in the black hat worlds, targets enterprise and critical government infrastructure, feeding ransom to itself. In 2019 alone, RobbinHood successfully attacked and received ransom payouts from the cities of Baltimore, Maryland, and Greenville, North Carolina.
RobbinHood’s ransom isn’t at all cheap. Demands from the malicious actors can range from 3 Bitcoin for a single computer and up to 13 Bitcoin for an organization’s network, which translates to tens of thousands of dollars. Some cities have reportedly paid millions.
Learn More About Data Guard
Schedule a call to consult with our cybersecurity specialists.