Deep and direct ransomware testing
Deep and direct ransomware testing
SE Labs tested CrowdStrike Falcon against a range of ransomware attacks designed to extort victims. These attacks were realistic, using the same tactics and techniques as those used against victims in recent months.
Target systems, protected by CrowdStrike Falcon, were attacked by testers acting in the same way as we observe ransomware groups to behave.
Attacks were initiated from the start of the attack chain, using phishing email links and attachments, as just two examples. Each attack was run from the very start to its obvious conclusion, which means attempting to steal, encrypt and destroy sensitive data on the target systems.
Product factsheet:
Enterprise Advanced Security (Ransomware): CrowdStrike Falcon
Ransomware is the most visible, most easily understood cyber threat affecting businesses today. Paralysed computer systems mean stalled business and loss of earnings. On top of that, a ransom demand provides a clear, countable value to a threat. A demand for “one million dollars!” is easier to quantify than the possible leak of intellectual property to a competitor.
Given the global interest and terror around ransomware, we have created a comprehensive test that shows how effective security products are when faced with the whole range of threats posed by ransomware itself and the criminal groups operating in the shadows.
In this report we have taken two main approaches to assessing how well products can detect and protect against ransomware.
Enterprise Advanced Security (Ransomware) Tested
This detailed report looks at ransomware detection during a full network attack; and protection against known ransomware attacks and their unknown variants. We include details about the different types of ransomware attacks, including the tactics used by different criminal groups.