Kaspersky Lab’s Free Anti-Ransomware Tool Achieves Top Marks in Independent Tests, MRG Effitas

Prayag

Level 4
Thread author
Verified
Well-known
Mar 27, 2017
160
Kaspersky Lab announces today that security research company, MRG Effitas, has found that Kaspersky Lab’s free solution, Kaspersky Anti-Ransomware Tool for Business, has achieved “100 percent protection” in all its tests, and has been awarded with a certified ransomware protection badge.

The testing involved the simulation of several delivery and infection methods using fresh samples selected from 13 crypto-ransomware and screenlocker families found in the wild, when all previous lines of defence have fallen. The results show that free, advanced protection is available to all businesses worried about WannaCry style attacks.

Businesses of all sizes have been forced to sit up and take notice as the WannaCry ransomware struck across the globe earlier this month. This virulent new strain of malware has hit hundreds of thousands of organizations by exploiting critical vulnerability in IT systems in over 150 countries. With businesses weighing up what can be done to protect their systems, independent testing by MRG Effitas shows that help is at hand for all companies, regardless of their IT security budget.

Launched in 2016, Kaspersky Anti-Ransomware Tool for Business is suitable for businesses that do not use Kaspersky Lab’s solutions, or for those whose protection is not effective at blocking ransomware. It is a complimentary tool that is compatible with third-party security products and it is easy to install and does not require deep technical knowledge to configure and manage.

“With proven effective protection available for free, Kaspersky Lab hopes that more companies can take the steps they need to safeguard IT systems from ransomware in the wake of the WannaCry attacks, which has become the largest ransomware infection in history,” said Vladimir Zapolyansky, head of the SMB business, Kaspersky Lab. “We are dedicated to making its effective protection available to everyone, and the MRG Effitas certification is a testament to the robust nature of our products.”

Ransomware is not the only security problem organizations are up against. SMBs (small and medium sized businesses) are vulnerable in particular, because they generally have few or no dedicated security personnel. In addition, because they have a strong focus on business growth, they tend to pay limited attention to IT, making it hard for them to protect themselves from various threats. While the Kaspersky Anti-Ransomware Tool for Business helps address the ransomware challenge, SMBs still can fall victim to various other attack vectors, and require multilayered security technologies to protect their financial operations and maintain the confidentiality of their customers’ information.

As part of the tests, Kaspersky Endpoint Security and Kaspersky Endpoint Security Cloud were also found to have protected every file in all ransomware test cases, each product also earning the MRG Effitas certified ransomware protection badge.

More information on the MRG Effitas report ‘Comparative Efficiency Assessment of Enterprise Security Suites against In-the-wild Ransomware’ is available on Kaspersky Lab’s website.
 

Prayag

Level 4
Thread author
Verified
Well-known
Mar 27, 2017
160
@Prayag गब्बर के खोफ से सिर्फ एक ही आदमी बचा सकता है खुद गब्बर
@ all the other members ,only ransom-ware writer can save from 100% of ransomwares
good to find another indian.
Who can talk in my native language.
Thanks for ur kind reply.
 

cruelsister

Level 42
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,133
A couple of things about Kaspersky Anti-ransom- Not that this is in any way a bad thing (nor is KAR junk- it certainly is very, ver far from it), but it is not specific for ransomware. It instead really acts like a Cloud AV against malware using K's database. Run a Cerber and it will be blocked; run a non-ransomware banker and it will be blocked.

However, shut off the internet connection to determine the innate mechanistic protection of the product. Here the results will be more spotty- run a wannacry and it will be blocked; run the xdata ransomware and you're screwed.

Not that anyone has to worry about being disconnected from the Net prior to running a ransomware sample, but in light of the non-specific nature of KAR and the lack of a sophisticated mechanistic protection routine makes the MRG report a bit disingenuous for me.
 

Winter Soldier

Level 25
Verified
Top Poster
Well-known
Feb 13, 2017
1,486
The ransomware is in continuous evolution, the tactics employed by malware to evade antivirus, keeping anonymous the source of the infection, are changed. The communication between the ransomware and the C&C server is very often encrypted, making more difficult the decryption of the content even when you can intercept the packets in transit on the network.
The code is designed to stay long time silent in the compromised machine, until it becomes possible to exploit some vulnerability to make the attack, and so prolong in time, the extraction of data.

New ransomware/malware are becoming more sophisticated and they can adapt themself to the environment in which they are placed, through autolearning and autoconfiguration mechanisms that make less effective the protection only via pattern matching.

So good news, the Kaspersky result.
 

Butterfly

Level 3
Verified
Jul 28, 2015
104
A couple of things about Kaspersky Anti-ransom- Not that this is in any way a bad thing (nor is KAR junk- it certainly is very, ver far from it), but it is not specific for ransomware. It instead really acts like a Cloud AV against malware using K's database. Run a Cerber and it will be blocked; run a non-ransomware banker and it will be blocked.
Does it block PUP and adware too?
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
Does anyone know how nicely this anti-ransomware tool plays with installed software?
Is it prone to conflicts, like the full Kaspersky suite? Or is it easy to live with?
 

simmerskool

Level 31
Verified
Top Poster
Well-known
Apr 16, 2017
2,094
Does anyone know how nicely this anti-ransomware tool plays with installed software?
Is it prone to conflicts, like the full Kaspersky suite? Or is it easy to live with?

I have not experienced "conflicts" with kis_2016 or kis_2017 on at least 3 pc. :D
 

Handsome Recluse

Level 23
Verified
Top Poster
Well-known
Nov 17, 2016
1,242
However, shut off the internet connection to determine the innate mechanistic protection of the product. Here the results will be more spotty- run a wannacry and it will be blocked; run the xdata ransomware and you're screwed.
How does KAR offline compare with Appcheck's then?
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
Does anyone know how nicely this anti-ransomware tool plays with installed software?
Is it prone to conflicts, like the full Kaspersky suite? Or is it easy to live with?
To answer my own question:
I just installed it, and I tried 2 programs that conflicted recently with KIS (they were: Hard_Configurator, and Boxifier). Both of them worked. So it does seem like it is easier to live with. Cool.
 

simmerskool

Level 31
Verified
Top Poster
Well-known
Apr 16, 2017
2,094
To answer my own question:
I just installed it, and I tried 2 programs that conflicted recently with KIS (they were: Hard_Configurator, and Boxifier). Both of them worked. So it does seem like it is easier to live with. Cool.

...and I've never run Hard_Configurator, or Boxifier so all comments make perfect sense. o_O
 
  • Like
Reactions: shmu26

Evjl's Rain

Level 47
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Apr 18, 2016
3,684
How does KAR offline compare with Appcheck's then?
appcheck free > KART in offline

KART is great against already detected ransomwares (by KSN) but so-so against new ransomwares. It can't restore or block all files. If it's infected, we're screwed
appcheck can work fully offline and it's more consistent compared to KART. Sometimes it fails to protect but your files can still be fully restored from appcheck's backup folders

IMO, appcheck free > KART for very new ransomwares. KART is only > appcheck because of its instant cloud detection for non-zeroday RWs
it's system watcher is OK but far from KIS/KAV/KTS's system watcher
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top