Link to home
Start Free TrialLog in
Avatar of David Dotan Sofer
David Dotan Sofer

asked on

Kaspersky Anti-Ransomware Tool for Business

hello,

is anyone familiar with this tool: 'Kaspersky Anti-Ransomware Tool for Business'.
what is your opinion on it ?
is it free ?

thank u
Avatar of Laroy Shtotland
Laroy Shtotland
Flag of Israel image

Yes, it's free. As a complementary anti-ransomware solution, Kaspersky Anti-Ransomware Tool for Business provides corporate users with protection from ransomware and can serve as second opinion software.
For organizations that demand protection for each network level, including security technologies to protect workstations, file servers and mobile devices from all types of malware and today’s sophisticated attacks, use specialized business solutions.
Looking at the issue sideways .....
Veeam backup Protects USB-based storage targets from CryptoLocker threats
by automatically ejecting them after a successful run.

https://www.veeam.com/endpoint-backup-free.html
Avatar of furuno
furuno

As a matter of interest, anyone know does the Kaspersky Anti-Ransomware Tool work - heuristic analysis?
It uses 2 technologies: Kaspersky Security Network (KSN) and Kaspersky System Watcher.

Kaspersky Security Network, a cloud-based service dedicated to processing depersonalized cybersecurity-related data streams from millions of voluntary participants all over the world. With Kaspersky Security Network, delivery of Kaspersky Lab security intelligence happens in a matter of seconds, ensuring fast reaction times and maintaining high levels of protection. http://ksn.kaspersky.com/

System Watcher is an advanced proactive security technology that scans all important system events, including the creation and modification of operating system files and configurations, program execution and data exchange over the network. Events are recorded and analyzed, and if there is evidence that a program is performing malicious operations, those actions can be blocked and reversed, preventing further infection.
http://support.kaspersky.com/6270
http://www.kaspersky.com/images/Kaspersky_Lab_Whitepaper_System_Watcher_ENG.pdf
If you have a computer with files that have encrypted with Ransomware,
it is very unlikely that you can decrypt them yourself without paying a ransom.
This is not to be recommended as you are giving money to/dealing with criminals who may not decrypt your files anyway.
It was not part of the initial question, but if your files are already encrypted, you can try free decryptors like https://noransom.kaspersky.com/
Will it stop all versions of ransom-ware highly unlikely so it isn't a magic bullet.  What one has to look for are typical behaviour of a ransom-ware attack. modification of a significant number of files in a short period of time. deletion of shadow copies, change of file sizes of multiple files in a short period of time.  Execution of executable from the users appdata directory.

The creation of software that performs the same as ransom-ware is trivial to code, getting a spam bot to include the code or a launcher that retrieves the executable code and getting paid without being caught are the only stumbling blocks.

There are a few solutions created by the white hat community and they want to sell their ideas to the anti-virus vendors but no vendors have taken up the offer as of yet.
>>There are a few solutions created by the white hat community and they want to sell their ideas to the anti-virus vendors >>but no vendors have taken up the offer as of yet.

any particular reason(s) David?
Avatar of David Dotan Sofer

ASKER

looking for a good and simple solution for Ransomware
ASKER CERTIFIED SOLUTION
Avatar of David Johnson, CD
David Johnson, CD
Flag of Canada image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial