News
CTERA Adds Data Exfiltration Prevention to CTERA Ransom Protect
April 2024 by Marc Jacob
CTERA announced the enhancement of its award-winning ransomware protection engine, CTERA Ransom Protect, with active protection against data exfiltration using honeypot techniques. This addition bolsters enterprises’ defenses against insider threats and the latest extortion tactics employed by ransomware perpetrators.
Double extortion, a tactic that combines data exfiltration and encryption, has become a widespread method used by cybercriminals in ransomware attacks. Threat actors first exfiltrate sensitive information from their targets before launching the ransomware encryption routine, subsequently demanding a ransom payment to regain access to the encrypted assets and threatening to publicly expose the stolen data if the demand is not met promptly.
CTERA Ransom Protect is an AI-powered cyber defense engine integrated into the CTERA global file system, providing zero-day protection against widespread ransomware attacks. The strong demand for Ransom Protect contributed to CTERA’s record-breaking results in 2023, solidifying the company’s position as a leader in Cyberstorage and earning it a leadership position in GigaOm’s Sonar Report for File-Based Primary Storage Ransomware Protection.
Now enhanced with honeypot capabilities, Ransom Protect utilizes the strategic deployment of decoy files within the organization’s file system and enables CTERA to identify and stop unauthorized access or attempts at data theft, effectively neutralizing threats before significant damage can occur.
Key features of CTERA Ransom Protect include:
• Data Exfiltration Prevention: Decoy files enable real-time detection and blocking of data exfiltration attacks.
• Real-time AI Detection: Advanced machine learning algorithms identify behavioral anomalies suggesting fraudulent file activity, and block offending users within seconds.
• Zero-Day Protection: Does not rely on traditional signature update services.
• Incident Management: Administrator dashboard enabling real-time attack monitoring, comprehensive incident evidence logging and post-attack forensics.
• Instant Recovery: Near-instant recovery of any affected files from snapshots that are securely stored in an air-gapped, immutable cloud object storage effectively thwarting any manipulation attempts by malicious actors.
• One-Click Deployment: Single-click feature activation on CTERA Edge Filers with latest version release.
With the introduction of CTERA Ransom Protect with honeypot, CTERA reinforces its commitment to delivering cutting-edge Cyberstorage solutions that address the evolving threats faced by modern enterprises, safeguarding their critical data assets from malicious actors.
