Introducing RansomFree by Cybereason

Ransomware is Here to Stay

This year, ransomware attacks have become more prevalent and attackers are demanding larger ransoms, estimated to cost victims hundreds of millions of dollars. We saw criminals targeting organizations like Hollywood Presbyterian Hospital and San Francisco Municipal Transportation Agency as well as local governments and individuals. In other words, ransomware doesn’t discriminate.

The Failure of Antivirus

The main reason ransomware attacks are so successful is that traditional antivirus software cannot detect them. New variants of ransomware are developed every day, so signature-based defenses can’t identify and protect an organization from the ransomware causing damage. In addition, many types of ransomware are polymorphic, meaning it generates a new hash every time it propagates to avoid detection.

The Common Denominator

Cybereason researched tens of thousands of ransomware variants belonging to over 40 ransomware strains, including Locky, Cryptowall, TeslaCrypt, Jigsaw and Cerber and identified the behavioral patterns that distinguish ransomware from legitimate applications. While each ransomware strain was written by different criminal teams, they all exhibit the same low-level file-related behavior. Ransomware attempts to encrypt as many files as possible, as quickly as possible.

Introducing RansomFree

Cybereason has developed a unique behavioral approach to stop ransomware in its tracks. Since we’ve identified the typical pattern of behavior, we know how and where ransomware will start encrypting files. We built this knowledge into RansomFree: a free, anti-ransomware software that detects and blocks ransomware.

By targeting the common behavior of ransomware, Cybereason RansomFree protects against 99 percent of ransomware strains. RansomFree detects ransomware, suspends the activity, displays a popup that warns users that their files are at risk and lets the user stop the attack with one click.


Protection From an Array of Ransomware Attacks

RansomFree protects against local encryption as well as the encryption of files on network or shared drives. The encryption of shared files is among the doomsday scenarios an organization can imagine. It takes only one employee on the network to execute ransomware and affect the entire company.

RansomFree catches stand-alone ransomware programs as well as fileless ransomware. Stand-alone ransomware uses vulnerabilities in applications, like buggy Flash code, but fileless ransomware abuses legitimate Windows tools, like the PowerShell scripting language or JavaScript, to carry out its malicious intentions.

Keep Your Data Safe

Ransomware doesn’t discriminate. Attackers know people place a premium on certain files. Businesses have spreadsheets loaded with sales data while people treasure photos of family vacations. And while backing up files is critically important, this step may not protect a person or an organization from ransomware if a network drive becomes infected. And since ransomware has proven lucrative for adversaries, they’re not likely to remove this threat from their toolkit any time soon.

Using RansomFree ensures that valuable data, whether it’s a person’s wedding photos or a company’s product roadmaps, won’t be held hostage by criminals.