Free tool helps security professionals improve ransomware defenses
Ransomware is a persistent problem, with cybercriminals always looking for new ways to evade detection and infect systems. Attacks have increased 20 percent in the first half of this year.
Endpoint detection and response company Nyotron is launching a new, free online tool called Ransomwiz that allows allows security professionals to check their defenses by generating actual ransomware samples using a variety of real-world attack techniques.
This launch follows Nyotron's discovery late last year of RIPlace, a unique evasion technique that enables cyberattackers to maliciously encrypt files under the radar of existing anti-ransomware, EPP and EDR products.
Ransomwiz is easy to understand and can be used by even junior security personnel. Users only need to select a directory to encrypt and choose which ransomware sample to run. Advanced customization features on offer include overwrite options and the ability to select the rename and RIPlace method of distribution.
"The battle against ransomware can only be faced head-on by giving enterprises the awareness and tools to first understand and then properly defend against these types of attacks," says Nir Gaist, founder and CTO of Nyotron. "Before we announced RIPlace last year, we informed many vendors of the potential disaster that could occur. Unfortunately, almost a year after, most security products are still exposed to RIPlace, as well as to endless other techniques -- which is why we felt the need to launch Ransomwiz and give security teams a way to do their own diligence and simulate attacks."
You can find out more about Ransomwiz on its own site.