The only ransomware solution in Korea, from ransomware prevention to consequence management.
Detecting and blocking the paths of data leaks
Examine and block the email, web, or application that is the path of thedata leak.
Restore damaged data to its original state
Even when data is damaged by an attack, it can be restored back to the state before it was damaged.
An analyzation based on network forensic
Provides tools to aid consequence management and reports to help the security manager analyze the attack.
What is Ransomware?
Ransomware is a form of malware that blocks access to data or applications (using encryption) and demands a “ransom” to restore the data.The use and breadth of ransomware has been expanding rapidly as the PII market is saturated and hackers seek
quick, anonymous profits. Ransomware has become a major security threat to the point that it is even distributed
by hackers as a service (Ransomware-as-a-Service).
In 2015, the damage from ransomware and the amounts demanded as ransom began increasing rapidly. Once infected with ransomware the damage to an organization is two fold. First, there is lost time from
not being able to use data and second there is a financial loss if the ransom isn’t paid. Also, there is a risk of secondary invasion or complete data loss. Organizations need to be completely prepared for these risks.
SOOSAN INT’s Ransomware Solution
SOOSAN INT’s Ransomware Solution prevents data leaks and blocks the path of exfiltration, restores damaged data to its original state, and provides an attack analysis including forensic information.
[ Step 1: Prevention ]
eWalker V7 and V7M prevent infection from malicious data by managing and blocking malicious links, attachment files, P2P services, and other malicious content presented to users on malicious websites and in email.
As SSL/TLS encrypted traffic is increasing for security reasons, a blind spot has also been created in traditional security appliances that hackers can exploit by encrypting their malicious code. eWalker SSL decrypts, detects, and blocks encrypted malicious code.
[ Step 2: Restoration ]
In the case that an endpoint is infected, even with a new form of malware, using eRed S1, the PC can be restored to its original state, minimizing the damage.
[ Step 3: Attack Analysis ]
SOOSAN INT’s enhanced ETP (eWalker Threat intelligence Platform) v3.0 not only updates the malicious data DB in real-time, but also analyzes metadata such as source IP and destination IP, and protocol information. It provides sophisticated reports about the path of infection based on our Ransomware Solution.
The Advantages of SOOSAN INT’s Ransomware Solution