Ransom Data Guard is a disruptive solution to effectively solve ransomware threats for everyone from individuals to enterprises. Recognize and repel ransomware attacks utilizing Ransom Data Guard’s combination of proprietary Active Cypher encryption orchestration, smart AI, and advanced endpoint protection.
Survive ransomware attacks 24-7 with your files safely restored to a cleaned or replaced device. Protection starting at $120/yr.
Join the Waitlist
Get early access to Ransom Data Guard's disruptive solution.
Every 10 Seconds There Is A Ransomware Attack
The profitability of ransomware’s extortion has plagued individuals, businesses, and government agencies alike. The best protection against this threat today is Active Cypher’s Ransom Data Guard which provides fully operational ransomware prevention upon installation, using encryption of the data at the file level and other proprietary methods that ensure that files are protected from a ransomware’s deployment.
*IDC Report **SonicWall
One of the most infamous ransomware variants
As its name suggests, WannaCry’s unfortunate success has led to much grief. Starting in May 2017, WannaCry has infected over 300,000 computers in practically every country in the world by taking advantage of an unpatched Microsoft Windows vulnerability (MS17-010). While a patch was released, some estimate millions of computers remain vulnerable.
EternalBlue, an exploit that was allegedly developed by the United States’ National Security Agency (NSA), was released publically by a group of hackers called the Shadow Brokers. EternalBlue allowed WannaCry to spread rapidly, with DoublePulsar being the ‘backdoor’ installed on the infected computers.
The $2 billion ransomware
Discovered at the end of 2018, GandCrab is part of Ransomware-as-a-Service (RaaS) deployment and has quickly become a very commonly seen ransomware threat. GandCrab is the first ransomware to demand payment in DASH cryptocurrency and while utilizing the “. bit” top level domain (TLD). This TLD is not sanctioned by ICANN and it therefore provides an extra level of secrecy to the attackers. GandCrab uses AES-256, RC4, and RSA-2048 encryption for encrypting AES keys, the victim’s data, and Network traffic data respectively.
Perhaps with a sick level of obnoxiousness, the developers of GandCrab boasted that they were shutting down their operations in January 2019 and retiring after their ransomware made a $2 billion in total, netting them $150 million personally. The crooks behind GandCrab actively updated their RaaS, keeping up with new security patches. Will GandCrab ever come out of retirement?
Sodinokibi is allegedly distributed by attackers affiliated with those that distributed the infamous GandCrab ransomware. Perhaps hinting to a level of state-sponsorship, Sodinokibi avoids infecting computers from Iran, Russia, and other countries that were formerly part of the USSR. The ransomware uses an Elliptic Curve Integrated Encryption Scheme (ECIES) for key generation and exchange (Elliptic-curve Diffie-Hellman key exchange algorithm).
Sodinokibi uses AES and Salsa20 algorithms to encrypt session keys and user’s files respectively. AES is also used to encrypt network data that is sent to the control server. The ransomware typically demands from the victim around 0.32806964 BTC (≈ $2,500) to regain access to the encrypted files.
No charity with this Robbinhood
Despite its name, RobbinHood ransomware is not stealing from the rich to give to the poor. Instead, the malicious code which is gaining popularity in the black hat worlds, targets enterprise and critical government infrastructure, feeding ransom to itself. In 2019 alone, RobbinHood successfully attacked and received ransom payouts from the cities of Baltimore, Maryland, and Greenville, North Carolina.
Robbinhood’s ransom isn’t at all cheap. Demands from the malicious actors can range from 3 Bitcoin for a single computer up to 13 Bitcoin for a organization’s network, which translates to tens of thousands of dollars. Some cities have reportedly paid millions.
Ransom Data Guard takes a proactive approach to defending against ransomware by ensuring that malicious software is made harmless and automatically deleted. Unlike other solutions, Ransom Data Guard does not require user interaction nor IT oversight.
Ransomware is a form of malware (trojan or other virus) utilized by malicious actors to extort money from individuals, businesses, and governments. While many types of ransomware exist, a typical attack encrypts a victim’s data and displaying instructions how to pay a ransom payment – usually in the form of cryptocurrencies like Bitcoin. Ransomware is not cheap and there is no guarantee for success in decryption.
In fact, while cybercriminals promise to provide a decryption key upon payment of the ransom – 40% of victims who pay unfortunately never regain access to their data.
Phishing attacks, in which a victim receives a legitmate looking email that tricks them to click a malicious link or open a infected attachment, are often used with disasterous success to spreading ransomware.
While many corporations and organizations have instituted countless hours of cybersecurity training, cybercriminals are often devising new manners to inject ransomware into networks. Training unfortunately only goes so far. In fact, a test of 1000 CIOs revealed, 32% clicked on a potentially malicious link. The lapse of a single user can put an entire company at risk.
Conventional anti-virus software which look for previously classified types of ransomware cannot keep up with today’s ever-evolving threats. Ransom Data Guard’s AI stands ahead of the pack, detecting ransomware attacks based on suspicious activities, preventing the malware from taking any malicious action, and automatically deleting it.
Ransomware has become an enormous business perpetrated by both organized crime and nation-state actors.
Organized criminals are motivated by extorting as much money as possible. Increasingly they distribute their malware as ransomware kits that anyone can use – even if they don’t have much technical expertise. The ransomware as a service (RaaS) model sadly has been very effective at spreading their malicious software. The criminals facilitate the payments and decryptions while taking a percentage of the collected ransom.
Nation-states have utilized ransomware as a means to both to a source of revenue and a manner to disrupt the economic and governmental well-being of their rivals. The large resources a nation-state has at its disposal to mount such attacks is especially perturbing.
The majority of popular ransomware strains utilize such strong encryption that decrypting files is unfortunately not possible. In limited cases, older ransomware families (Rakhni, Agent.iih, Aura, and a few others) have decryptor’s available.
With Ransom Data Guard, you don’t need to worry about ransomware even taking a hold in your computer, let alone encrypting your data. Protection is automated and far-reaching. Ransomware is deflected.
We take pride in our partnership with Microsoft, a leader in security automation and intelligence. Active Cypher leverages many of Microsoft’s tools, providing enhanced security.