WHO WE ARE |
TrapX Security is a leader in deception based cyber security defense. Our solutions detect and defend against zero-day and advanced attacks in real time. The TrapX Security customer base includes Global 2000 commercial and government customers.
|
TrapX Ships World’s First
Deception-Based Security
Solution to Protect
SWIFT Financial Networks
Latest update to DeceptionGrid Includes Both Traps and Tokens Targeted Directly Against Malicious SWIFT Cyber Attackers
SAN MATEO, CALIF. — Oct. 25, 2016 — TrapX™, the global leader in deception-based cyber security defense, today announced that it has released the world’s first deception-based security solution specifically designed to protect the Society for Worldwide Interbank Financial Telecommunication (SWIFT) financial networks. Unlike other security solutions, TrapX is the only security company to include both Traps (decoys) and Tokens (lures) to capture today’s most proficient and persistent cyber attackers. The new capabilities imitate a variety of real SWIFT financial network computer terminals and web services. DeceptionGrid™ now includes emulation capabilities for SWIFT Alliance SAG, SWIFT Alliance SAA and SWIFT Alliance Web Platforms for Linux and Windows deployments and was specially designed to help financial institutions target and stop SWIFT financial network attackers.
“In the past year, SWIFT has been under attack by persistent cyber attackers, which have resulted in the theft of more than $100 million dollars from banks worldwide,” said Greg Enriquez, CEO of TrapX Security. “These attacks demonstrate a broad knowledge of bank operations as attackers combine them with sophisticated tools and techniques to penetrate target bank networks. The recent expansion of our DeceptionGrid emulation to include SWIFT financial network assets allows institutions to protect their most valuable assets by implementing a powerful security layer of deception on top of SWIFT’s closed systems, which does not impede on the existing security structure. This adds to our financial networks solution set that already includes protection for automated teller machines (ATM) networks, online banking application servers and more.”
The SWIFT financial network, like many core financial applications, is a closed system with well integrated internal security. Sophisticated cyberattackers that are able to penetrate a targeted financial network, can establish a “backdoor” and observe and map network assets without being detected for long periods of time. Enough time in the network allows attackers to learn operating procedures for major financial applications and then compromise the targeted systems. Attackers then access and capture authentication traffic and, ultimately, escalate their permissions, often to the administrator level to compromise the SWIFT financial network transactions in a variety of potential ways.
To better detect and defeat attackers who have already penetrated the network, TrapX DeceptionGrid surrounds the actual SWIFT assets with a blanket of protective Traps and Tokens that leads attackers to attractive fake SWIFT decoys, which look relatively undefended. However, each Trap has the ability to capture, contain and analyze attackers, while alerting the financial institutions security operations center (SOC) teams. Once the attacker is identified within the network, an in-depth report of the attack method is shared with SOC for assessment and remediation. This provides financial institutions with exceptional visibility situational awareness of activity within the internal networks.
In support of this product release, TrapX Chief Marketing Officer Anthony James will host a live webinar that will cover:
The webinar will conclude with a brief demonstration of deception technology as well as examples of how organizations are leveraging deception strategies with their existing security infrastructure. To register, please visit: http://deceive.trapx.com/161027SWIFT_210RegistrationPage.html?utm_source=TrapX&utm_medium=Website
Availability
DeceptionGrid with SWIFT protection technology is available today and is free for existing TrapX customers.
Trademark Notice
TrapX Security™, DeceptionGrid™, DeceptionTokens™ and CryptoTrap™ are trademarks of TrapX Security, Inc.
More Information
Visit the TrapX Website: www.trapx.com
Watch a 60 Second Introduction to Deception Technology: https://youtu.be/d6lzgBZ4hWQ
Learn more about DeceptionGrid: http://trapx.com/products/deceptiongrid/
Visit the TrapX blog: http://www.trapx.com/blog/
Follow TrapX on Twitter: @trapxsecurity
Follow TrapX on LinkedIn: https://www.linkedin.com/company/trapx
Like TrapX on Facebook: https://www.facebook.com/pages/TrapX/258804147648401
About TrapX
TrapX Security is a leader in deception based cyber security defense. Our solutions rapidly detect, analyze, and defend against zero day and advanced attacks in real time. DeceptionGrid™ provides automated, highly accurate insight into malware and malicious activity unseen by other types of cyber defense. We create a proactive security posture, fundamentally changing the economics of cyber defense by shifting the cost to the attacker. The TrapX Security customer base includes Forbes Global 2000 commercial and government customers around the world in sectors that include defense, healthcare, finance, energy, consumer products, and other key industries. Learn more at www.trapx.com.
###
Media Contact:
Rick Popko
10Fold
415-800-5381
[email protected]
SAN MATEO, CALIF. — Oct. 25, 2016 — TrapX™, the global leader in deception-based cyber security defense, today announced that it has released the world’s first deception-based security solution specifically designed to protect the Society for Worldwide Interbank Financial Telecommunication (SWIFT) financial networks. Unlike other security solutions, TrapX is the only security company to include both Traps (decoys) and Tokens (lures) to capture today’s most proficient and persistent cyber attackers. The new capabilities imitate a variety of real SWIFT financial network computer terminals and web services. DeceptionGrid™ now includes emulation capabilities for SWIFT Alliance SAG, SWIFT Alliance SAA and SWIFT Alliance Web Platforms for Linux and Windows deployments and was specially designed to help financial institutions target and stop SWIFT financial network attackers.
“In the past year, SWIFT has been under attack by persistent cyber attackers, which have resulted in the theft of more than $100 million dollars from banks worldwide,” said Greg Enriquez, CEO of TrapX Security. “These attacks demonstrate a broad knowledge of bank operations as attackers combine them with sophisticated tools and techniques to penetrate target bank networks. The recent expansion of our DeceptionGrid emulation to include SWIFT financial network assets allows institutions to protect their most valuable assets by implementing a powerful security layer of deception on top of SWIFT’s closed systems, which does not impede on the existing security structure. This adds to our financial networks solution set that already includes protection for automated teller machines (ATM) networks, online banking application servers and more.”
The SWIFT financial network, like many core financial applications, is a closed system with well integrated internal security. Sophisticated cyberattackers that are able to penetrate a targeted financial network, can establish a “backdoor” and observe and map network assets without being detected for long periods of time. Enough time in the network allows attackers to learn operating procedures for major financial applications and then compromise the targeted systems. Attackers then access and capture authentication traffic and, ultimately, escalate their permissions, often to the administrator level to compromise the SWIFT financial network transactions in a variety of potential ways.
To better detect and defeat attackers who have already penetrated the network, TrapX DeceptionGrid surrounds the actual SWIFT assets with a blanket of protective Traps and Tokens that leads attackers to attractive fake SWIFT decoys, which look relatively undefended. However, each Trap has the ability to capture, contain and analyze attackers, while alerting the financial institutions security operations center (SOC) teams. Once the attacker is identified within the network, an in-depth report of the attack method is shared with SOC for assessment and remediation. This provides financial institutions with exceptional visibility situational awareness of activity within the internal networks.
In support of this product release, TrapX Chief Marketing Officer Anthony James will host a live webinar that will cover:
- The latest attack methods used to break into the SWIFT financial network
- Techniques organizations can implement today to decrease the chances of being a target
- How deception technology effectively shuts down attacks before assets are compromised
The webinar will conclude with a brief demonstration of deception technology as well as examples of how organizations are leveraging deception strategies with their existing security infrastructure. To register, please visit: http://deceive.trapx.com/161027SWIFT_210RegistrationPage.html?utm_source=TrapX&utm_medium=Website
Availability
DeceptionGrid with SWIFT protection technology is available today and is free for existing TrapX customers.
Trademark Notice
TrapX Security™, DeceptionGrid™, DeceptionTokens™ and CryptoTrap™ are trademarks of TrapX Security, Inc.
More Information
Visit the TrapX Website: www.trapx.com
Watch a 60 Second Introduction to Deception Technology: https://youtu.be/d6lzgBZ4hWQ
Learn more about DeceptionGrid: http://trapx.com/products/deceptiongrid/
Visit the TrapX blog: http://www.trapx.com/blog/
Follow TrapX on Twitter: @trapxsecurity
Follow TrapX on LinkedIn: https://www.linkedin.com/company/trapx
Like TrapX on Facebook: https://www.facebook.com/pages/TrapX/258804147648401
About TrapX
TrapX Security is a leader in deception based cyber security defense. Our solutions rapidly detect, analyze, and defend against zero day and advanced attacks in real time. DeceptionGrid™ provides automated, highly accurate insight into malware and malicious activity unseen by other types of cyber defense. We create a proactive security posture, fundamentally changing the economics of cyber defense by shifting the cost to the attacker. The TrapX Security customer base includes Forbes Global 2000 commercial and government customers around the world in sectors that include defense, healthcare, finance, energy, consumer products, and other key industries. Learn more at www.trapx.com.
###
Media Contact:
Rick Popko
10Fold
415-800-5381
[email protected]
TrapX Security Combats Ransomware with CryptoTrap - September 2016
We’re pleased to announce the release of CryptoTrap™, a new tool aimed at helping enterprises detect and combat a rising tide of sophisticated ransomware attacks. The CryptoTrap tool uses deception technology to deceive attackers and lure them away from an organization’s valuable assets, giving enterprises the ability to detect and remediate ransomware threats before they can further compromise the network and harm critical data. CryptoTrap enables your security operations team to strike back at ransomware and take the initiative in defeating the cyber attackers.
Industry news shows us that ransomware attacks are accelerating in every industry. According to the FBI, ransomware victims paid attackers a total of $209 million in the first quarter of 2016. The producers of the CryptoWall ransomware attack generated ransom of more than $300 million in 2015 alone. These trends are expected to continue and accelerate over the next few years.
Ransomware, plain and simple, is criminal extortion. It brings cost in the form of ransom payments, and perhaps even worse, the disruption to your business operations. Ransomware is also unpredictable - cyber criminals and organized crime cannot be counted on to do what they say. They can take the ransom money and still permanently remove or damage critical corporate information. The only reliable defense for your security operations team is to present a strong offense using tools like CryptoTrap.
In highly regulated industries, such as healthcare, ransomware can bring the liability associated with a data breach which usually results in audits, penalties and potential litigation. Note that Health and Human Services OCR published commentary in July that they view a ransomware attack as a data breach under HIPAA. It seems obvious yet most hospitals have missed this completely. Your HIPAA risk analysis will need to address ransomware and you must have a solution to prevent it and to speed recovery. Most hospitals do not address ransomware directly if at all in their risk analysis.
Ransom extortion payments aside, the cost to a hospital of not being able to utilize x-ray and MRI machines for even one day can be many tens of thousands of dollars. The problem is even more difficult for independent MRI/CT-scan and XRAY centers, surgical centers, skilled nursing facilities (SNFs), large physician practices and diagnostic laboratories which may have smaller security teams. In fact, many may never be able to recover their data.
The problem extends to many industries. Retail, finance and banking and many other industries remain active targets of ransomware. In retail earlier this year ransomware was customized to seek out and find targeted ecommerce systems, take over the entire website using targeted exploits, encrypt the data and then display a ransom warning on the homepage. Around the globe banks continue to be hit repeatedly with ransomware. The US Federal Financial Institutions Examination Council (FFIEC) warned banks earlier this year about a continued rise in cyber-attacks using ransomware. The FFIEC noted the increase in both the number and severity of attacks against financial institutions that involve extortion.
Leveraging TrapX’s deception technology, CryptoTrap is able to stop ransomware in its tracks by tricking attackers who are attempting to encrypt real network data. TrapX’s DeceptionTokens (lures) divert network-based ransomware attacks towards TrapX specialized ransomware traps designed to isolate the threat and keep it captive while protecting the organization’s real files. The TrapX ransomware traps alert security teams to the presence of the ransomware immediately, while the source of the attack is isolated and disconnected from the network, stopping the attack in its tracks.
TrapX researchers have identified more than 2,000 variations of ransomware that employ different methods of attack on network shares. To address this challenge, CryptoTrap is designed to ensure customers are protected from all of these methods—thus setting it apart from other ransomware tools. CryptoTrap is also setting an industry first by holding ransomware attacks “hostage” by leveraging deception technology, while security teams are alerted to remediate the threat.
CryptoTrap is a member of the TrapX family of products. You can upgrade CryptoTrap to add the power of DeceptionGrid to protect your enterprise from the most sophisticated cyber attackers and the tools they use.
Our website:
http://www.trapx.com
CryptoTrap available free to the public as a 30 day trial. Check it out here: http://deceive.trapx.com/WebInquiry-CryptoTrapRequest_2
You can see the TrapX press release on CryptoTrap here: http://trapx.com/trapx-combats-ransomware-attacks-with-new-cryptotrap-tool/
More information on ransomware can be found on the FBI website: https://www.fbi.gov/news/stories/incidents-of-ransomware-on-the-rise
Check out the wikipedia page on ransomware here: https://en.wikipedia.org/wiki/Ransomware
Industry news shows us that ransomware attacks are accelerating in every industry. According to the FBI, ransomware victims paid attackers a total of $209 million in the first quarter of 2016. The producers of the CryptoWall ransomware attack generated ransom of more than $300 million in 2015 alone. These trends are expected to continue and accelerate over the next few years.
Ransomware, plain and simple, is criminal extortion. It brings cost in the form of ransom payments, and perhaps even worse, the disruption to your business operations. Ransomware is also unpredictable - cyber criminals and organized crime cannot be counted on to do what they say. They can take the ransom money and still permanently remove or damage critical corporate information. The only reliable defense for your security operations team is to present a strong offense using tools like CryptoTrap.
In highly regulated industries, such as healthcare, ransomware can bring the liability associated with a data breach which usually results in audits, penalties and potential litigation. Note that Health and Human Services OCR published commentary in July that they view a ransomware attack as a data breach under HIPAA. It seems obvious yet most hospitals have missed this completely. Your HIPAA risk analysis will need to address ransomware and you must have a solution to prevent it and to speed recovery. Most hospitals do not address ransomware directly if at all in their risk analysis.
Ransom extortion payments aside, the cost to a hospital of not being able to utilize x-ray and MRI machines for even one day can be many tens of thousands of dollars. The problem is even more difficult for independent MRI/CT-scan and XRAY centers, surgical centers, skilled nursing facilities (SNFs), large physician practices and diagnostic laboratories which may have smaller security teams. In fact, many may never be able to recover their data.
The problem extends to many industries. Retail, finance and banking and many other industries remain active targets of ransomware. In retail earlier this year ransomware was customized to seek out and find targeted ecommerce systems, take over the entire website using targeted exploits, encrypt the data and then display a ransom warning on the homepage. Around the globe banks continue to be hit repeatedly with ransomware. The US Federal Financial Institutions Examination Council (FFIEC) warned banks earlier this year about a continued rise in cyber-attacks using ransomware. The FFIEC noted the increase in both the number and severity of attacks against financial institutions that involve extortion.
Leveraging TrapX’s deception technology, CryptoTrap is able to stop ransomware in its tracks by tricking attackers who are attempting to encrypt real network data. TrapX’s DeceptionTokens (lures) divert network-based ransomware attacks towards TrapX specialized ransomware traps designed to isolate the threat and keep it captive while protecting the organization’s real files. The TrapX ransomware traps alert security teams to the presence of the ransomware immediately, while the source of the attack is isolated and disconnected from the network, stopping the attack in its tracks.
TrapX researchers have identified more than 2,000 variations of ransomware that employ different methods of attack on network shares. To address this challenge, CryptoTrap is designed to ensure customers are protected from all of these methods—thus setting it apart from other ransomware tools. CryptoTrap is also setting an industry first by holding ransomware attacks “hostage” by leveraging deception technology, while security teams are alerted to remediate the threat.
CryptoTrap is a member of the TrapX family of products. You can upgrade CryptoTrap to add the power of DeceptionGrid to protect your enterprise from the most sophisticated cyber attackers and the tools they use.
Our website:
http://www.trapx.com
CryptoTrap available free to the public as a 30 day trial. Check it out here: http://deceive.trapx.com/WebInquiry-CryptoTrapRequest_2
You can see the TrapX press release on CryptoTrap here: http://trapx.com/trapx-combats-ransomware-attacks-with-new-cryptotrap-tool/
More information on ransomware can be found on the FBI website: https://www.fbi.gov/news/stories/incidents-of-ransomware-on-the-rise
Check out the wikipedia page on ransomware here: https://en.wikipedia.org/wiki/Ransomware