What We Do
How we do it
Resources
SECURITY ADVISORIES
Jul 26, 2021
PetitPotam NTLM Relay Attack
THE THREAT PetitPotam is a variant of NTLM Relay attacks discovered by security researcher Gilles Lionel. Proof of Concept code released last week [1] relies on the Encrypting File System Remote (EFSRPC) protocol to provoke a Windows host into performing an NTLM authentication request against an attacker-controlled server, exposing NTLM authentication details or authentication certificates.…
Read More
View all Advisories →
Company
ABOUT eSENTIRE
About Us
eSentire is The Authority in Managed Detection and Response Services, protecting the critical data and applications of 1000+ organizations in 70+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events.
Read about how we got here
Leadership Work at eSentire
LATEST PRESS RELEASE
Jul 12, 2021
Tecala and eSentire Partner to Protect Enterprises across APAC from Business-Disrupting Cyber Attacks
Sydney, 12 July, 2021 - Tecala, Australia’s award-winning technology services and IT consulting provider, today announced it has chosen eSentire, the global Authority in Managed Detection and Response (MDR) cybersecurity services, as their exclusive MDR solution provider in Australia and New Zealand. This partnership will enable Tecala to augment its cybersecurity practice and offer enterprises…
Read More
Partners
PARTNER PROGRAM
Partners
Our award-winning partner program offers financial rewards, sales and marketing tools and personalized training. Accelerate your business and grow your revenue by offering our world-class Managed Detection and Response (MDR) services.
Learn about our Partner Program
Resources
Blog — Jul 19, 2021

How Your Organization Can Prevent a Ransomware Attack

4 min read

It seems that every week, there are alarming headlines announcing yet another ransomware attack - evidence that threat actors are relentless in their pursuit to exploit high-value targets. From the SolarWinds attack in 2020 to the most recent Kaseya VSA compromise in July 2021, ransomware attacks are carefully orchestrated to incite as much chaos and instability as possible.

In addition to the growing sophistication of ransomware, threat actors are also evolving in the techniques they’re leveraging to launch attacks. Within the past year, we have seen increasing instances of adversaries relying on the ransomware-as-a-service model and double extortion to guarantee payment.

Since complex attack tactics require equally complex recovery solutions, the remediation costs have also increased substantially. In fact, the average recovery cost from ransomware in 2021 has risen to $1.85 million USD, more than twice the $761,106 USD reported in 2020.

Even if an organization chooses to pay the ransom, the effects of ransomware are crippling and linger for years to come. Aside from facing the financial burden, the business will face reputational damage, loss of brand trust/loyalty, and depending on the scenario, may even face legal and regulatory repercussions. Therefore, security leaders must do their part to ensure they can prevent ransomware attacks from occurring.

So, what steps can your organization take to prevent a ransomware attack? Here are some of our recommendations:

Ransomware is easily poised to be one of the largest digital threats facing organizations today and this threat is not going anywhere. In fact, the Cybersecurity & Infrastructure Security Agency (CISA) recently released the Ransomware Readiness Assessment module as part of its Cyber Security Evaluation Tool (CSET). This self-assessment module is designed to “enable users to perform a comprehensive evaluation of their cybersecurity posture using many recognized government and industry standards and recommendations”.

Being prepared for a ransomware attack is just one part of the equation. Today’s CISOs must adopt an “assume breach” mentality and be ready to detect and respond to an attack. Learn how Managed Detection & Response can help your organization detect and contain threats before they become business-disrupting events, connect with an eSentire security specialist.

eSentire
eSentire

eSentire is the Authority in Managed Detection and Response, protecting the critical data and applications of 1000+ organizations in 70+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events. Combining cutting-edge machine learning XDR technology, 24/7 Threat Hunting, and proven security operations leadership, eSentire mitigates business risk, and enables security at scale. The Team eSentire difference means enterprises are protected by the best in the business with a named Cyber Risk Advisor, 24/7 access to SOC Cyber Analysts & Elite Threat Hunters, and industry-leading threat intelligence research from eSentire’s Threat Response Unit (TRU). eSentire provides Managed Risk, Managed Detection and Response and Incident Response services. For more information, visit www.esentire.com and follow @eSentire.