Free Online Tool Puts Good Guys in the Hacker’s Shoes to Test Defenses
Nyotron, provider of the industry’s first automatic Endpoint Detection and Response (EDR) with integrated prevention, today announced the release of Ransomwiz, a free online tool that empowers security teams with the ability to challenge their security products against ransomware. Ransomwiz allows security professionals to take the attacker’s front seat, and generate actual ransomware samples using a variety of real-world attack techniques.
Hackers have been unleashing ransomware attacks for years, and the problem is only growing. According to Verizon’s 2020 Data Breach Investigations Report, ransomware is the third most common malware breach, accounting for approximately 20% of such attacks. The problem is exacerbated by the easy availability of ransomware from marketplaces and forums, and the growing remote workforce that has drastically increased the attack surface.
The launch of Ransomwiz follows Nyotron’s announcement late last year of RIPlace, a unique evasion technique that enables cyberattackers to maliciously encrypt files under the radar of existing anti-ransomware, EPP and EDR products. Ransomwiz is a robust platform designed for the use of IT and security professionals who are looking to evaluate and improve their security posture, as well as for educational purposes. The platform shines a light on the attacks and distribution methods hackers use.
Ransomwiz is easy to understand and can be used by even the most junior security personnel. Users only need to select a directory to encrypt and choose which ransomware sample to run. Advanced customization features include overwriting options and the ability to select the rename and RIPlace method of distribution.
“The battle against ransomware can only be faced head-on by giving enterprises the awareness and tools to first understand and then properly defend against these types of attacks,” said Nir Gaist, Founder and CTO of Nyotron. “Before we announced RIPlace last year, we informed many vendors of the potential disaster that could occur. Unfortunately, almost a year after, most security products are still exposed to RIPlace, as well as to endless other techniques – which is why we felt the need to launch Ransomwiz and give security teams a way to do their own diligence and simulate attacks.”