?
Solved

Kaspersky Anti-Ransomware Tool for Business

Posted on 2016-08-11
10
Medium Priority
?
256 Views
Last Modified: 2016-09-22
hello,

is anyone familiar with this tool: 'Kaspersky Anti-Ransomware Tool for Business'.
what is your opinion on it ?
is it free ?

thank u
0
Comment
Question by:David Dotan Sofer
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +2
10 Comments
 
LVL 5

Expert Comment

by:Laroy Shtotland
ID: 41751999
Yes, it's free. As a complementary anti-ransomware solution, Kaspersky Anti-Ransomware Tool for Business provides corporate users with protection from ransomware and can serve as second opinion software.
For organizations that demand protection for each network level, including security technologies to protect workstations, file servers and mobile devices from all types of malware and today’s sophisticated attacks, use specialized business solutions.
0
 
LVL 24

Expert Comment

by:Eirman
ID: 41752011
Looking at the issue sideways .....
Veeam backup Protects USB-based storage targets from CryptoLocker threats
by automatically ejecting them after a successful run.

https://www.veeam.com/endpoint-backup-free.html
0
 
LVL 2

Expert Comment

by:furuno
ID: 41752019
As a matter of interest, anyone know does the Kaspersky Anti-Ransomware Tool work - heuristic analysis?
0
Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as the high-speed power of the cloud.

 
LVL 5

Expert Comment

by:Laroy Shtotland
ID: 41752039
It uses 2 technologies: Kaspersky Security Network (KSN) and Kaspersky System Watcher.

Kaspersky Security Network, a cloud-based service dedicated to processing depersonalized cybersecurity-related data streams from millions of voluntary participants all over the world. With Kaspersky Security Network, delivery of Kaspersky Lab security intelligence happens in a matter of seconds, ensuring fast reaction times and maintaining high levels of protection. http://ksn.kaspersky.com/

System Watcher is an advanced proactive security technology that scans all important system events, including the creation and modification of operating system files and configurations, program execution and data exchange over the network. Events are recorded and analyzed, and if there is evidence that a program is performing malicious operations, those actions can be blocked and reversed, preventing further infection.
http://support.kaspersky.com/6270
http://www.kaspersky.com/images/Kaspersky_Lab_Whitepaper_System_Watcher_ENG.pdf
0
 
LVL 24

Expert Comment

by:Eirman
ID: 41752064
If you have a computer with files that have encrypted with Ransomware,
it is very unlikely that you can decrypt them yourself without paying a ransom.
This is not to be recommended as you are giving money to/dealing with criminals who may not decrypt your files anyway.
0
 
LVL 5

Expert Comment

by:Laroy Shtotland
ID: 41752081
It was not part of the initial question, but if your files are already encrypted, you can try free decryptors like https://noransom.kaspersky.com/
0
 
LVL 82

Expert Comment

by:David Johnson, CD, MVP
ID: 41752119
Will it stop all versions of ransom-ware highly unlikely so it isn't a magic bullet.  What one has to look for are typical behaviour of a ransom-ware attack. modification of a significant number of files in a short period of time. deletion of shadow copies, change of file sizes of multiple files in a short period of time.  Execution of executable from the users appdata directory.

The creation of software that performs the same as ransom-ware is trivial to code, getting a spam bot to include the code or a launcher that retrieves the executable code and getting paid without being caught are the only stumbling blocks.

There are a few solutions created by the white hat community and they want to sell their ideas to the anti-virus vendors but no vendors have taken up the offer as of yet.
0
 
LVL 2

Expert Comment

by:furuno
ID: 41752140
>>There are a few solutions created by the white hat community and they want to sell their ideas to the anti-virus vendors >>but no vendors have taken up the offer as of yet.

any particular reason(s) David?
0
 

Author Comment

by:David Dotan Sofer
ID: 41752176
looking for a good and simple solution for Ransomware
0
 
LVL 82

Accepted Solution

by:
David Johnson, CD, MVP earned 2000 total points
ID: 41754336
There is no real solution at this time.. Checkpoint.com has some good ideas on how to limit the damage. It is a cat and mouse game and the mice are winning.

AV is a post 0 day at best solution, the problem being that in many cases the exact launcher is only being seen 1 time.  The malware authors are creating individual launchers and the payloads are also being customized so any signature based AV will fail.  All one can do is monitor user activity and if a user changes 100+ files in a minute then you can have an appliance lockout that machine or process. The # of uniques is growing by about 100% per month in the last 6 months.
1

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The conference as a whole was very interesting, although if one has to make a choice between this one and some others, you may want to check out the others.  This conference is aimed mainly at government agencies.  So it addresses the various compli…
The recent Petya-like ransomware attack served a big blow to hundreds of banks, corporations and government offices The Acronis blog takes a closer look at this damaging worm to see what’s behind it – and offers up tips on how you can safeguard your…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Suggested Courses
Course of the Month9 days, 22 hours left to enroll

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question