The Collision of Machine Learning and Ransomware


Europe’s recent wave of ransomware attacks put ransomware on the map for many, and heightened concerns for others. The latest attack, which goes by several names including Petya, Petrwrap and GoldenEye, is far more malicious than its predecessor WannaCry, as it mimics ransomware but then doesn’t allow its victims to recover their ransomed data. Here in the U.S., a Philadelphia health care clinic was hit with an attack that compromised the personal and health data of 300K patients.


While it’s impossible to predict the next attack and know what form it will take, having an actionable recovery plan will make it easier to rebound with as little downtime and loss as possible. It’s the insurance policy you hope you’ll never need, but the truth is more than 90% of companies have been impacted by breaches, threats and other malicious behavior.


That’s why the Imanis Data software incorporates unique machine learning algorithms designed to combat ransomware and identify anomalous data loss. We have dubbed this functionality, ThreatSense.


Imanis Data ThreatSense includes:


  • Intelligent Monitoring. The ThreatSense architecture uses machine learning to identify patterns of data movement and churn, and builds custom predictive models to immediately flag anomalous events as possible threats or intrusions.


  • Predictive Analytics and Point-in-time Recovery. By providing intelligent on-going predictive inputs, the Imanis Data software can also help an organization recover their data to a previous pristine point-in-time, enabling it to resume operations with minimal downtime repercussions.


  • Smart Alerting and Reporting. Users will benefit from immediate email alerts and reports that include details such as date, time, data moved, etc. so they can act quickly to address potential attacks and accidental data deletions.



Our customers understand the need to lower their RTO/RPO thresholds and ThreatSense provides them with added capabilities to support those business goals. It benefits from the underlying Imanis Data architecture that easily scales with production data and leverages application-aware technology that monitors various data and metadata attributes (nearly 50) to come up with baseline patterns.


ThreatSense also enables user input, so if there is a rational explanation for an anomalous data loss the user can adjust the ThreatSense findings to provide additional learning for the underlying algorithm.


We’re pleased to offer these intelligent features within our platform. Machine learning and predictive innovations are going to help protect organizations from the dangers of ransomware and other anomalous data losses. What was once considered futuristic or a “nice-to-have” is now the new baseline. And it’s just one of the areas that set us and our innovative customers apart. Drop us a line so we can demo these new capabilities to you.

Sign Up To Receive Imanis Data Updates

Take the Next Step

Put Imanis Data to work for all your data management needs.