Cyber Deception & Its Role in Modern Data Protection

June 08, 2022

By Steve Preston – VP Metallic Security

Ransomware threats are evolving. Bad actors are constantly innovating, employing new and sophisticated approaches to silently bypass perimeter defenses and traditional security tools. But it’s not just their tactics that are advancing… it’s also their motives.

From Ransom to Extortion

While ‘conventional’ ransomware is aimed at encrypting data and holding it hostage for a lofty payout, new threats focus on the double and triple extortion of business data. Want proof? A mere 17% of attacks only ask for money in exchange for a decryption key, while the other 83% involve some form of data leakage, exfiltration, theft, or damage.1 Put differently; the majority of attacks have bigger plans than just denying access to your data – but monetizing and exploiting businesses and personal data in new and malicious ways.

As bad actors shift their attention, business must also reorient. Companies must reimagine their data protection strategy to focus on insulating their data from new threats, not just recovering from them.

Why Recovery is Not Enough

Traditional data protection solutions have long acted as a last line of defense, offering utilities for businesses to rebound, post-attack. However, they often come into play when it’s too late, after data has already been compromised. And while delivering business continuity is a critical element of any multi-layered strategy, today’s businesses need advanced capabilities that also spot and contain threats before they reach your data.

Consider this… the average dwell time of an attack is 28 days, allowing bad actors to operate undetected for weeks (if not months), evading conventional detection, threat hunting, and advanced security tools.2 This provides threat actors with ample time to discover critical resources, move laterally across environments, elevate privileges, and propagate an attack.

Modern data protection shouldn’t sit idle, but actively surface and engage unknown and zero-day threats early, to defend your data the moment an attack begins.

Introducing Early Access for Metallic® ThreatWise™

With recently acquired TrapX cyber deception technology, Metallic is redefining the game in ransomware protection through our new security service: Metallic® ThreatWise™. By combining sophisticated early warning and early action alongside comprehensive tools for recoverability, ThreatWise™ enables businesses to uncover latent and silent threats traversing environments, contain and limit windows of exposure, and even flag ransomware activity before data leakage, exfiltration, theft, or damage. It offers a powerful one-two punch; first slowing attacks down by diverting them toward fake assets and, second, by providing high-fidelity insights into recon, lateral movement, and unwanted privileged access that evades conventional technology. Now, organizations of all sizes get robust early warning capabilities to spot and intercept threats before they reach your crown jewels – alongside proven recoverability for worst-case scenarios.

Interested in next generation data protection? We are kicking off Early Access for Metallic® ThreatWise™, providing early adopters with advance access to our upcoming ransomware detection capabilities.

Availability is limited. Reach out to reserve your spot today!.

threatwise-cyber-deception

Source 1: https://www.computerweekly.com/news/252513735/Backups-no-longer-effective-for-stopping-ransomware-attacks

Source 2: https://www.mandiant.com/media/15671

It’s a good day for a test drive

Through SaaS, Metallic is easy to try before you purchase, with a simple UX that walks you through setup