Dan's Take
BackupAssist Launches CryptoSafeGuard Ransomware Protection
It's trying to find its way in a crowded market.
- By Dan Kusnetzky
- 09/28/2017
The industry has been seeing attacks in which malicious software invades end-user PCs and encrypts user files. This type of attack is described as "ransomware." The end-user or the organization is offered the key to decrypt the files, for a price.
If the price is paid, the key is not always provided. The WannaCry ransomware attack is a recent example.
BackupAssist believes that it has a solution, CryptoSafeGuard, for this problem for mid-market organizations using Windows software. CryptoSafeGuard monitors end-user systems while backing up changing data files. If it observes an attempt to rapidly change entire directories or entire filesystems, it steps in to protect the off-system backups, notify administrators and restore the previous environment.
Here's how the company describes CryptoSafeGuard:
CryptoSafeGuard protects your backups from ransomware by stopping infected files from being backed up and prevents your backups from being encrypted. It is designed to complement existing anti-malware solutions by adding an extra layer of detection at the data level, while also providing extra shielding around backups. Active, simple and non-intrusive, CryptoSafeGuard delivers the following capabilities:
- Protects – with features designed to stop ransomware from corrupting your backups from the BackupAssist computer.
- Detects – scans and detects the effects of ransomware activities in the source files under backup protection.
- Responds – alerts your administrator via SMS and E-mail upon detection of crypto-corrupted files.
- Preserves – blocks future backup jobs from running, thus preserving the last-known good backup.
Analyzing the Field
A number of suppliers, including Acronis, Norton, McAfee and a few others, have also seen this problem and developed solutions. Some of these suppliers offer technology designed to protect many different types of systems from this type of attack.
Acronis released Backup 12.5 in June 2017, and it included "active protection." Active protection is designed to detect and stop ransomware attacks by detecting rapid changes in the target system's file system and asking an administrator if this is appropriate behavior for the system. If it isn't, it will automatically recover changed files.
In addition, it protects the backups themselves from malware attacks. This, of course, is the same problem that CryptoSafeGuard is addressing, but it supports "more than 20 platforms," including Windows, Office 365, Azure, Linux, Mac OS X, Oracle, VMWare, Hyper-V, Red Hat Virtualization, Linux KVM, Citrix XenServer, iOS and Android.
Norton offers "Advanced Threat Protection" products designed to protect endpoints and cloud environments. The company offers versions for Windows (client and server), macOS, virtual environments (VMware, Microsoft, Citrix and Oracle VirtualBox). The manager software, however, executes on only on Windows.
McAfee's McAfee VirusScan Enterprise 8.8 and Endpoint Security 10 both contain ransomware protection capabilities. The company also offers decryption products designed to address the situation in which files have already been encrypted.
Microsoft has also stepped up to this treat as well with its Windows Defender Advanced Threat Protection technology. This, of course, focuses on its own Windows software.
Dan's Take: The Tight Focus on Windows Is a Gamble
BackupAssist hopes be distinguished from other offerings by the tight focus on the mid-market and its Windows systems. It's my observation that being Windows focused really won't allow the software to address the entire problem. Ransomware has been seen on Android, iOS, macOS and, of course, Windows systems. Other suppliers are offering support for a broader mix of platforms. That being said, a Windows-focused product will, in all likelihood, address most of the needs of the midmarket.
About the Author
Daniel Kusnetzky, a reformed software engineer and product manager, founded Kusnetzky Group LLC in 2006. He's literally written the book on virtualization and often comments on cloud computing, mobility and systems software. He has been a business unit manager at a hardware company and head of corporate marketing and strategy at a software company.