SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
Katana Technologies releases anti-ransomware solution
Mon, 16th Sep 2019
FYI, this story is more than a year old

Following the latest CERT NZ report which noted a rise of 38% in ransomware attacks over the last quarter, Katana Technologies has released its anti-ransomware solution stack.

The financial losses reported between 1 April and 30 June were $6.5 million, up from the $1.7 million reported in the previous quarter.

Ransomware attacks can have not only a financial impact to the business and individuals but reputational and operational loss.

Katana Technologies looks to solve that problem by significantly mitigating the threat of ransomware and other such attacks taking hold with the business by securing the avenues of attack.

Using the case study within the latest CERT NZ quarterly report as an example, Katana Technologies founder Steve Rielly shows how any business can ensure it is in a position to significantly reduce the ransomware threat.

The example within the CERT NZ report was that of small business, a gym, with close to 1000 clients, where a manager opened what appeared to be a normal business email with a PDF attachment.

This PDF was, in fact, a ransomware file which when opened began to silently encrypt files with the Locky ransomware.

The manager took the advice of their IT provider and did not pay the ransom, though as they did not have backups of the data, suffered data loss as a result.

They also had to rebuild all their records while still maintaining the day-to-day operations, a costly exercise for any business, consuming valuable staff time and resources.

The anti-ransomware solution stack from Katana Technologies would have stopped this event from occurring, beginning with the opening of the email attachment.

The PDF file, when opened, would have been secured in a hardware-enforced application isolation wrapper, ensuring any malicious payload does not have direct access to the files or operating system.

Quite simply the ransomware payload would not be able to encrypt any data to begin with.

It may still think it's working, with the ransomware window appearing, though it would be only within the PDF readers window.

Simply Close the window, and the threat is removed with no files encrypted.

If by some very rare occurrence a threat managed to bypass isolation, or access the environment by an unprotected avenue, a “Data Sentinel” is monitoring and protecting critical business files across the network, including remote drives, file shares and cloud storage.

Encrypted files can be restored with a simple right-click, and if needed, the Operating System can be recovered to a pre-infected state with a reboot.

“The message is clear. No infection, no ransomware, no payment required, business as usual.