WannaCry ransomware infected more than 230,000 machines in 2017, causing over $4 billion in losses. Between 2018 and 2019, the number of malware strains grew by nearly 50%. Since then, newer ransomware groups such as GandCrab, Maze, REvil, and Ryuk have caused enormous disruptions and earned large ransoms. Enterprises need to detect ransomware attacks and stop them from becoming large-scale security breaches that impact their finances and reputation.
Based on a zero trust architecture, ColorTokens delivers real-time protection against ransomware, preventing it from spreading within a network. The solution reduces the attack surface, prevents lateral spread, and stops a ransomware attack efficiently. It does all this by visualizing, intervening in, and blocking unauthorized and malicious behavior during the ransomware attack phases.
ColorTokens in action against GandCrab ransomware
Curb Ransomware with Multi-Layer Protection
ColorTokens leverages process-level intelligence to analyze parent-child processes. This analysis can stop suspicious application behavior, restrict unsanctioned applications, and control the USB port. ColorTokens also provides network-level controls to isolate assets that are compromised, halting any lateral movement of ransomware. This multi-layer security protects unpatched and legacy systems and helps reduce the blast radius significantly.
Visualize and Block Malicious C&C Communications
ColorTokens provides granular visibility into unauthorized command-and-control communications, regardless of the tactic used to deliver the ransomware, such as phishing emails, malvertising, and more. The solution also leverages an intelligent algorithm to analyze process behavior, path, or MD5 hash. This prevents ransomware, zero-days, file-less malware, and other threats from exfiltrating sensitive data and provides end-to-end threat trail visibility.
Stop File Encryption
Encryption starts with data downloaded from local files, cloud, or network file shares. This downloaded data is then encrypted, the original information is deleted, and the encrypted file is uploaded. ColorTokens can protect data from encryption by blocking access to sensitive files, even for privileged access users and administrators.