We’re pleased to announce the release of CryptoTrap™, a new tool aimed at helping enterprises detect and combat a rising tide of sophisticated ransomware attacks. The CryptoTrap tool uses deception technology to deceive attackers and lure them away from an organization’s valuable assets, giving enterprises the ability to detect and remediate ransomware threats before they can further compromise the network and harm critical data. CryptoTrap enables your security operations team to strike back at ransomware and take the initiative in defeating the cyber attackers.


Industry news shows us that ransomware attacks are accelerating in every industry.  According to the FBI, ransomware victims paid attackers a total of $209 million in the first quarter of 2016. The producers of the CryptoWall ransomware attack generated ransom of more than $300 million in 2015 alone. These trends are expected to continue and accelerate over the next few years.

Ransomware, plain and simple, is criminal extortion.  It brings cost in the form of ransom payments, and perhaps even worse, the disruption to your business operations. Ransomware is also unpredictable - cyber criminals and organized crime cannot be counted on to do what they say.  They can take the ransom money and still permanently remove or damage critical corporate information. The only reliable defense for your security operations team is to present a strong offense using tools like CryptoTrap.

In highly regulated industries, such as healthcare, ransomware can bring the liability associated with a data breach which usually results in audits, penalties and potential litigation.  Note that Health and Human Services OCR published commentary in July that they view a ransomware attack as a data breach under HIPAA. It seems obvious yet most hospitals have missed this completely. Your HIPAA risk analysis will need to address ransomware and you must have a solution to prevent it and to speed recovery.  Most hospitals do not address ransomware directly if at all in their risk analysis.  

Ransom extortion payments aside, the cost to a hospital of not being able to utilize x-ray and MRI machines for even one day can be many tens of thousands of dollars. The problem is even more difficult for independent MRI/CT-scan and XRAY centers, surgical centers, skilled nursing facilities (SNFs), large physician practices and diagnostic laboratories which may have smaller security teams.  In fact, many may never be able to recover their data.

The problem extends to many industries.  Retail, finance and banking and many other industries remain active targets of ransomware. In retail earlier this year ransomware was customized to seek out and find targeted ecommerce systems, take over the entire website using targeted exploits, encrypt the data and then display a ransom warning on the homepage.  Around the globe banks continue to be hit repeatedly with ransomware.  The US Federal Financial Institutions Examination Council (FFIEC) warned banks earlier this year about a continued rise in cyber-attacks using ransomware.  The FFIEC noted the increase in both the number and severity of attacks against financial institutions that involve extortion.

Leveraging TrapX’s deception technology, CryptoTrap is able to stop ransomware in its tracks by tricking attackers who are attempting to encrypt real network data. TrapX’s DeceptionTokens (lures) divert network-based ransomware attacks towards TrapX specialized ransomware traps designed to isolate the threat and keep it captive while protecting the organization’s real files. The TrapX ransomware traps alert security teams to the presence of the ransomware immediately, while the source of the attack is isolated and disconnected from the network, stopping the attack in its tracks.

TrapX researchers have identified more than 2,000 variations of ransomware that employ different methods of attack on network shares. To address this challenge, CryptoTrap is designed to ensure customers are protected from all of these methods—thus setting it apart from other ransomware tools. CryptoTrap is also setting an industry first by holding ransomware attacks “hostage” by leveraging deception technology, while security teams are alerted to remediate the threat.

CryptoTrap is a member of the TrapX family of products.  You can upgrade CryptoTrap to add the power of DeceptionGrid to protect your enterprise from the most sophisticated cyber attackers and the tools they use.

Our website:

http://www.trapx.com

CryptoTrap available free to the public as a 30 day trial.  Check it out here: http://deceive.trapx.com/WebInquiry-CryptoTrapRequest_2

You can see the TrapX press release on CryptoTrap here: http://trapx.com/trapx-combats-ransomware-attacks-with-new-cryptotrap-tool/

More information on ransomware can be found on the FBI website: https://www.fbi.gov/news/stories/incidents-of-ransomware-on-the-rise

Check out the wikipedia page on ransomware here: https://en.wikipedia.org/wiki/Ransomware