Gandalf_The_Grey
Level 83
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
- Apr 24, 2016
- 7,262
The results:All major ransomware attacks follow a certain attack pattern of APT groups. That's why the lab at AV-TEST simulated attacks on 14 protection solutions for corporate users with 10 sophisticated Advanced Persistent Threat scenarios, trying to encrypt the systems per ransomware. In doing so, each defensive step was evaluated according to the pattern of the MITRE ATT&CK Matrix. The test revealed: Many corporate products are good system defenders.
Every day, protection solutions for corporate users normally have to detect, classify and fend off thousands of attackers. The lab at AV-TEST already assesses this classical protection every two months with its certification tests for corporate protection software and thus evaluates the consistent security of the products.
In the latest Advanced Threat Protection test, the lab evaluated 14 endpoint protection platforms (EPP) in terms of their performance against new, still unknown attack scenarios with ransomware, as they are normally carried out by hacker groups. Unfortunately, many such attacks have been successful in the past, as evidenced by numerous media reports.
Various security companies have already designated numbers from 1 to 41 for several APT groups, as they also show up under several names. Others stick to a group description. APT38, for example, deployed Hermes ransomware, with AES 256-bit encryption. APT41 bought the ransomware-as-a-service (RaaS) encryptor RaaS and used it to extort companies. The FIN7 group mounted specialized attacks on ESXi virtualization servers of VMware with Darkside ransomware. Also notorious is the TA505 group, which encrypted large volumes of data with the LockerGoga ransomware. This software was used against the Norwegian aluminum manufacturer Norsk Hydro, for example. Many smaller APT groups without special names recurringly rely on variants of successful ransomware, such as REvil, Ryuk, Maze, Conti or NotPetya.
Protection Solutions vs. Ransomware in the Advanced Threat Protection Test
All major ransomware attacks follow a certain attack pattern of APT groups. That's why the lab at AV-TEST simulated attacks on 14 protection solutions for corporate users with 10 sophisticated Advanced Persistent Threat scenarios, trying to encrypt the systems per ransomware. In doing so, each...
www.av-test.org