Tips for an Information Security Analyst/Pentester career - Ep. 32: Ransomware prevention
DISCLAIMER: This post doesn't in any way represent an endorsement or a sponsored post aiming at promoting the specific tool commented.
Though I deeply admire Mr. Kevin Mitnick's work, I never had so far the pleasure of meeting him or working with him personally.
I simply talk about the software I personally test, as I've always done so far and as stated by my blog motto.
A while ago, someone on Peerlyst had mentioned to me a tool called Ransomware Simulator (or RanSim, in short), developed by famous hacker Kevin Mitnick's company.
I put this information on hold for a while, as I was going through my Security+ certification, so I decided this was the right time to have a look at it.
The concept behind this tool is pretty interesting. It works a little bit like a vulnerability scanner, but with specific regard to popular ransomware variants.
I tested RanSim on a Windows 10 Pro virtual machine with two processors and at least 2 GB of RAM (these are its hardware requirements).
I ran a scan against my system and, after a short while, it returned 14 potential scenarios that could have been exploited by several popular ransomware variants, 10 of which were ranked as critical.
In other words, it'd allow you to prevent 14 possible cases of infection, 10 of which would have been basically certain.
I don't know what the accuracy of RanSim is, but I think prevention is paramount in this case.
Tools like this, along with a clear and effective backup policy and the right corporate culture, implemented across the organization, can make a big difference in countering these pesky threats.
Thank you for your time.
Comments
Post a Comment