Nyotron, an endpoint detection and response (EDR) solutions provider, has launched the Ransomwiz ransomware simulation platform for IT and security professionals.
Ransomwiz allows IT and security professionals to generate non-malicious ransomware samples, according to Nyotron. In doing so, IT and security professionals can use these samples to learn about ransomware attacks and find ways to improve their security posture.
How Does Ransomwiz Work?
With Ransomwiz, IT and security professionals select a directory to encrypt and choose which ransomware sample to run, Nyotron said. A sample does not collect or send out any information, and Nyotron provides instructions to ensure it can be run safely.
In addition, Nyotron has implemented the following measures to limit the risk of Ransomwiz abuse:
- Fixed encryption key for all generated samples
- Explicit user consent is required to run samples
- Parent process must be explorer.exe
- Absolute target path required
- Limited file size
- System paths excluded
- Registration required
Ransomwiz is available free of charge; IT and security professionals who want to use the platform must submit an application for review.
How to Prepare for Ransomware Attacks
Along with using Ransomwiz, IT and security professionals can prepare for ransomware attacks in several ways, including:
- Deploy multi-factor authentication (MFA) across all systems.
- Develop and monitor data protection and cybersecurity processes.
- Offer cybersecurity awareness training to employees across all departments.
Ransomware attacks spiked in the United States in the first half of 2020, according to the "2020 Cyber Threat Report" from firewall solutions provider SonicWall. However, MSSPs can provide cybersecurity testing, EDR and other security services to help organizations guard against ransomware attacks and other cyber threats.