Advanced Analytics Are Key to Stopping Both Known and Unknown Ransomware ThreatsSecureworks® Managed Detection and Response powered by Taegis™ (previously Red Cloak™) with VMware Carbon Black Cloud Endpoint Standard helps you detect and respond to threats faster By: Matt DeMatteo
News reports of ransomware attacks have become so common that we often don’t dig into the details. In a sense, the novelty of them has worn off. However, the sheer number of ransomware attacks over the last year is staggering. While cities like Baltimore, Atlanta and Albany may make the headlines, there are thousands of affected companies that we never hear about. These organizations simply pay the demands to make the problem go away. For some, malware attacks like ransomware have become part of the cost of doing business.
The COVID-19 pandemic has the potential to further accelerate ransomware demands. Companies, faced with work from home staff and reduced teams, as well as healthcare organizations who can’t afford to have their data held for ransom, are now facing another challenge. In April, Interpol issued a chilling statement: Hospitals and other institutions on the front lines of the fight against the coronavirus are now facing increased threats from cybercriminals and becoming targets for ransomware attacks. With tens of millions of workers now working from home, cyber criminals are exploiting untested remote access strategies and technologies.
Perpetrators of ransomware attacks can move quickly or take on disciplined military precision—think smashing a brick through a window or stealthily lying in wait for months (on average, an adversary remains undetected for 111 days1) for the right opportunity to strike. Because the attack strategy is unknown, it’s vital to Predict, Prevent, Detect and Respond to cyber threats like ransomware with both endpoint protection that blocks known threats and advanced security analytics that detect the unknown, advanced adversaries.
Telemetry, Intelligence and Analytics from Two Industry Leaders
To better serve our customers and to stay in front of the constantly evolving landscape, Secureworks has expanded our Managed Detection and Response (MDR) service wrapper with support for VMware Carbon Black Cloud Endpoint Standard. Secureworks MDR is powered by our cloud-native Red Cloak™ Threat Detection and Response SaaS application for improved alert fidelity and more streamlined investigations. By wrapping that technology with the MDR service, customers can put it to work in their environment with a partner to manage it for them.
Secureworks Managed Detection and Response (MDR) solution powered by Red Cloak reduces adversary dwell time by detecting adversaries earlier in the attack process. Secureworks’ MDR aggregates and analyzes data from endpoint, network, and cloud sources to detect malicious activity and help your security team focus on the real issues. VMware Carbon Black Cloud Endpoint Standard brings next-generation antivirus and endpoint detection and response to cover the full spectrum of today’s cyber attacks. Combined, the VMware Carbon Black and Secureworks MDR solution adds a deeper layer of confidence that extends from the edge to the core to the cloud.
Security teams can now get the telemetry of VMware Carbon Black Cloud Endpoint Standard with the Red Cloak analytics from Secureworks so you can improve fidelity, streamline investigations and respond faster. Among the immediate benefits:
- Simplified operations with one agent. Keep your choice of a great agent, with great telemetry, and add analytics without adding another tool.
- Get better fidelity with the combination of telemetry – Secureworks brings added visibility of not just endpoint, but also your cloud and network environments.
- Gain operational efficiencies with the Secureworks analyst portal – the opportunity to have all your visibility in one place, without having to swivel.
- This bundled solution is also offered as part of the Dell Safeguard and Response portfolio.
Ransomware is a clear and present danger for organizations of all sizes. The solution may seem simple – “STOP RANSOMWARE” – but it isn’t. A comprehensive and reliable solution needs to prevent opportunistic ransomware from executing and spreading in an environment while also looking for adversaries who are hiding within a network waiting to spread ransomware once they have disabled or bypassed endpoint protections and security controls.
With VMware Carbon Black Cloud Endpoint Standard, Secureworks Red Cloak Threat Detection and Response and Secureworks MDR service, organizations can finally put the fear of ransomware behind them and embrace the changes that are already shaping our information technology future.
1 Source: Secureworks Incident Response Insights Report 2019