Morphisec Expands Anti-Ransomware Capabilities With Ransomware Encryption Protection

Share Article

Cybersecurity software company adds encryption protection feature for four unique layers of Defense-in-Depth against the most advanced ransomware attacks.

Morphisec today announced a new ransomware encryption protection feature for unique and comprehensive ransomware Defense-in-Depth. The new capability protects organizations at the most damaging stage of ransomware attacks: the file encryption “impact” phase.

Ransomware as a service (RaaS) and fileless and in-memory attacks built to evade cybersecurity tools like next generation anti-virus (NGAV), endpoint protection platforms (EPP), and endpoint detection and response (EDR/XDR/MDR) have pushed the average cost of a destructive ransomware or wiper attack to $5.12 million. Overcoming these risks requires prevention-first technologies that address the entire ransomware attack chain and close the security gaps of the above detection-based solutions.

Morphisec’s expanded anti-ransomware protection does this with the following four defense layers:

NEW Data Encryption & Destruction Protection
Deploys decoys throughout the operating file system. Any attempt to encrypt, delete, or otherwise tamper with a decoy automatically terminates the process.

System Recovery Tamper Protection
Blocks unauthorized access to shadow copies and terminates unauthorized processes that try to delete them, securing system recovery files.

Credential Theft Protection
Deterministically protects domain credentials stored in LSASS application and browser credentials stored by Chrome and Edge. Blocks multiple types of credential dumping.

Runtime Memory Protection with Moving Target Defense Technology (MTD)
Morphisec’s patented, automated MTD technology randomly morphs runtime memory, creating an unpredictable attack surface while leaving decoy traps in place of system resources. Ransomware that tries to execute is terminated and captured for forensic analysis. Gartner says “Automated moving target defense is an emerging game-changing technology for improving cyber defense.”1

These security layers block a comprehensive range of MITRE ransomware tactics, from initial access to persistence, privilege escalation, defense evasion, lateral movement, and the final file encryption “impact” phase.

Morphisec Chief Technology Officer Michael Gorelik said, “Morphisec’s prevention-first, Defense-in-Depth approach offers comprehensive protection against the most advanced and damaging ransomware attacks that evade traditional detection-based cybersecurity solutions. We supply peace of mind to security leaders who want to keep their organization out of the headlines.”

The enhanced anti-ransomware capabilities are available in Morphisec Windows Protector (MWP) version 7.0.0.

About Morphisec
Morphisec has redefined the concept of prevention-first cybersecurity from endpoint to the cloud. We provide real-time application inventory and risk visibility, and secure device memory at runtime to prevent the most damaging, undetectable attacks others don’t. We add a powerful, ultra-lightweight, Defense-in-Depth layer to augment solutions like NGAV, EPP, EDR, and XDR and close their in-memory security gap against these cyberattacks. Morphisec’s automated Moving Target Defense and anti-ransomware technology proactively prevents supply chain attacks, ransomware, fileless attacks, zero-days, and other advanced, evasive attacks. Over 5,000 organizations trust Morphisec to protect nine million Windows and Linux servers and endpoints. Every day Morphisec stops thousands of stealthy and advanced attacks at companies such as Motorola, TruGreen, Covenant Health, PACCAR, Citizens Medical Center, and many more.

1 Gartner, ‘Emerging Tech: Security — The Future of Cyber Is Automated Moving Target Defense’, February 25, 2023.

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Mitchell Hall
1 617-826-1212
Email >