How does Acronis Protect Against Ransomware?
If ransomware begins to encrypt files, Acronis quickly detects and halts this process. Because Acronis is a backup solution, any data that was exposed and encrypted before the process was halted can be recovered from a variety of backup sources.
- Pattern detection
Acronis Active Protection Closely Monitor patterns on how files are being changed.
One set of behaviors may be typical and expected.
Another set of behaviors may signal a suspect process taking hostile action against files.
The Acronis approach looks at these actions and compares them against malicious behavior patterns. This approach can be exceptionally powerful in identifying ransomware attacks, even from ransomware variants that are as-yet unreported.
2. Whitelist and blacklist
Acronis Active Protection is capable of detecting new threats based on already identified patterns as well as learned ones.
Results must be adjusted to reduce false positive detection of things that really aren’t ransomware.
Acronis Active Protection maintains a whitelist — programs that are allowed and expected to perform certain actions — to prevent authorized activities from being falsely tagged as unauthorized.
3. Self-defense of backup files
One way that criminals could choose to compromise files would be to attack the backup software itself to corrupt the backup files it creates.
To protect against this, Acronis has implemented a robust self-defense mechanism that won’t let criminals disrupt the work of the Acronis application or backup file content. Additionally, Acronis Active Protection monitors the Master Boot Record of Windows-based computers. It won’t let any illegitimate changes to be made to prevent you from being able to properly boot your computer.
Do you want any assistance from Dataguard MEA?
Become Acronis Provider with Dataguard MEA, Connect us with now