January 11, 2021 | 2 minute read
Ransomware can literally put organizations and lives at risk, as witnessed in 2020 with the continuous onslaught of attacks against the healthcare industry, research organizations working on COVID-19 vaccines, telecommunication centers, financial institutions, the public sector and companies across every industry vertical.
Ransomware has evolved to evade available anti-malware defenses and can spawn variants that can hide in virtual machines, eluding traditional defense techniques. Advances in machine learning detection of ransomware can be effective, but this approach also introduces high-compute processes that consume system resources and negatively impact performance and user experience.
To solve for these issues, Cybereason® is pleased to announce our collaboration with Intel® Hardware Shield to provide robust protection against ransomware attacks at machine speed without disruptive CPU resource consumption.
The joint solution represents the first instance where PC hardware plays a direct role in ransomware defenses to better protect enterprise endpoints from costly attacks, and underscores both companies’ commitment to empowering defenders by reversing the adversary advantage. More information on our anti-ransomware capabilities can be found here.
“This collaboration with Intel to add CPU based threat detection bolsters our long history and industry-leading capabilities in detecting and eradicating ransomware,” said Lior Div, CEO and Co-Founder, Cybereason.
“The combination of best-of-class hardware, software, and security know-how provides defenders with full-stack visibility critical to ending the era of double extortion that is currently costing organizations hundreds of millions each year.”
Additionally, the collaboration provides another source of intelligence for ransomware threat detection through the integration of Intel TDT capabilities into the Cybereason Defense Platform. Cybereason’s superior prevention, detection and response capabilities combined with Intel Hardware Shield protects enterprise customers from ransomware while improving overall security performance.
Additional value that Intel and Cybereason are bringing to the market:
• CPU Threat Detection—Enables enterprise customers to go beyond signature and file-based techniques by leveraging CPU-based behavioral prevention of ransomware.
• Full-Stack Visibility—Eliminates blind spots to expose ransomware as it avoids detection in memory or hides in virtual machines while differentiating legitimate data encryption processes for business purposes.
• Unleash Machine Learning for Better Security—Enterprises can accelerate performance-intensive machine learning security algorithms by offloading to the Intel integrated graphics controller to boost capacity to analyze more data and do more security scans.
• Accelerate Endpoint Prevention, Detection & Response—Enterprises can bolster the performance of their security agent processing for better user experiences.
Cybercriminals have found success with ransomware because it can evade traditional alert-centric defenses. In the past, savvy organizations could find comfort in assuring their critical data is backed up off-site so it can be easily restored in the event of a ransomware attack.
Adversaries adapted by introducing a technique we call “double extortion” where the victim’s data is not just encrypted and held for ransom, it is also exfiltrated with the threat of being made public should the victim refuse to pay the ransom, effectively undermining the data backup strategy.
Cybereason’s multi-layered protection, in collaboration with Intel Threat Detection Technology, will enable full-stack visibility to swiftly detect and block ransomware attacks before the data can be encrypted or exfiltrated.
This collaboration between Intel and Cybereason represents a best-of-breed combination of hardware, software, and security know-how that provides defenders to detect and eradicate malware from the chip-level to the endpoint to everywhere. Together, Intel and Cybereason are working to reverse the attacker’s advantage and end cyber attacks.
“Ransomware was a top security threat in 2020, software alone is not enough to protect against ongoing threats,” said Stephanie Hallford, Client Computing Group Vice President and General Manager of Business Client Platforms at Intel.
“Our new 11th Gen Core vPro mobile platform provides the industry’s first silicon enabled threat detection capability, delivering the much needed hardware based protection against these types of attacks.”
Yonatan Striem-Amit, CTO and Co-Founder of Cybereason, is a machine learning, big data analytics and visualization technology expert, with over a decade of experience applying analytics to security in the Israeli Defense Forces and Israeli Governmental Agencies.All Posts by Yonatan Striem-Amit