Ransomware has become a staple of cybercrime because it’s so effective. Core Impact’s new ransomware simulation feature is a great way to prevent malware from stealing your data or locking you out of your computer.
Ransomware is one of the top concerns for cybersecurity professionals, according to the 2022 Penetration Testing Report. Unfortunately, the ever-constant anxiety over ransomware is well justified—a report by PhishLabs shows there is a consistently rapid increase in ransomware, with a growth rate of well over 100% year over year. The costs of an attack are also on the rise and has even put some organizations out of business; the average ransom demand alone was $220,298 in 2021. The recovery cost is much steeper and averages at $1.8 million.
Ransomware has become popular due to its ease of use. Malware kits are available for purchase on the dark web, and you can hire the work through Ransomware-as-a-Service (RAAS) providers. Also, the most common ransomware vectors are built into every organisation and are impossible to close—according to the 2021 Malware Report, 70% of ransomware breaches had entered the surveyed organisations using phishing emails.
However, despite these challenges, organisations are not helpless against ransomware threats. Just as you build up your physical health and mental well-being through consistent exercise, the same holds true for cybersecurity—the best defence is a good offence.
Ransomware Simulation with Core Impact
Core Impact customers can now simulate a ransomware attack with an automated Rapid Pen Test (RPT). The RPT is paired with a phishing campaign RPT and can be used to encrypt user-specified files using a fully reversible symmetric key. It can also exfiltrate files to establish which mission-critical data is most at risk after the initial breach is complete.
The attack simulator offers an automatic rollback after a set amount of time, leaving the environment as it was before the attack. If files remain encrypted after that period, this gives defensive utilities a chance for detection and subsequent triggering of corrective actions.
Core Impact’s ransomware simulator enables you to create and leave an explanatory README file once the exercise has been completed. This file will then inform a user that they have experienced a ransomware scenario, and prompt them to contact the security team or provide other next steps, such as further training on ransomware and how it can get into your system.
You can see Core Impact’s attack simulation in action in the overview video below:
Enhance and upgrade your penetration testing capabilities and to get started why not book a free consultation.
S4 Applications can help your business review its ability to protect assets and respond to cyber threats to help make vulnerability and threat management a strategic priority in your business.
Book a demo for Core Impact and contact us for a consultation.