Kaspersky Endpoint Security Cloud heeft aangetoond 100% efficiënt te zijn tegen ransomware-aanvallen. Dit blijkt uit een recente beoordeling van AV-TEST, een onafhankelijke leverancier van diensten op het gebied van IT-security en antivirusonderzoek. Als resultaat van drie verschillende scenario's en 113 aanvalsvoorbeelden, verloor het product geen enkel gebruikersbestand en overtrof het 10 verschillende cybersecurityleveranciers.
For the last several years, ransomware has grown into an industry with plenty of malware families, dedicated criminal gangs and attacks-as-a-service. In Q2 2021 alone, 3,905 new ransomware modifications appeared in the wild, while 97,451 users were attacked globally, about 6.000 more than in the previous quarter, according to Kaspersky’s research. When getting to a system, such an attack spreads quickly from one machine to another, while the remediation and restoring files may last days or even weeks. To avoid such a painful and costly consequence, businesses should use a reliable and proven cybersecurity solution that can detect malicious activity and roll back the encryption.
AV-TEST examined 11 endpoint protection platforms for three scenarios: real-world ransomware attacks on user files stored in a local system, real-world ransomware attacks on user files located in a remote shared folder, and Proof of Concept of ransomware attacks on user files on a local system. During the test, the products were expected to detect ransomware activity and its files, block it, roll back any user files changes and eliminate the threat from the targeted system. The test included 21 ransomware families such as REvil, Ryuk, Conti, Lockbit, pysa, Ragnarlocker, Ransomexx and others, as well as 14 PoCs.
Kaspersky Endpoint Security Cloud completely blocked 100% of attacks in all three scenarios with no single user file being encrypted, and threats were eliminated from the protected system. Kaspersky Endpoint Security Cloud scored the highest protection rate across all products tested, proving its value for businesses against this type of attack. It was able to protect business data in an employee’s desktop if it is attacked and in shared folders if they are compromised by existing ransomware families but also samples specially designed for the test. The latter, however, includes various real encryption techniques used by adversaries.
Ransomware protection from different products. “Completely blocked” means that ransomware was detected, and all user files were protected. “Partially blocked” means that ransomware was detected, but some user files were lost (not protected).
“Kaspersky offered a high level of protection against all ransomware attacks in our tests. It clearly outperformed the other reviewed products. Regardless of whether we're speaking about Revil or Ryuk or Conti – none of them was effective and able to perform the malicious actions when Kaspersky was protecting the system,” says Andreas Marx, CEO, AV-TEST.
“Although ransomware can really switch off a business for some time and it can be very hard and expensive to restore the data, protection from it doesn’t demand sophisticated measures or huge investment. Following simple rules such as backing up data and educating employees to not open phishing emails, together with a good endpoint security product should work just as well. It’s great to see the results of AV-TEST proving that Kaspersky endpoint protection platform can be such a safe option and guarantee absolute protection against ransomware,” comments Andrey Dankevich, Senior Product Marketing Manager at Kaspersky.
The full report, “Advanced Endpoint Protection: Ransomware Protection Test”, requested by Kaspersky and performed by AV-TEST GmbH, can be found here.
For more information about Kaspersky Endpoint Security Cloud, please visit its product page here.
About AV-TEST
AV-TEST GmbH is an independent supplier of services in the fields of IT Security and Antivirus Research, focusing on the detection and analysis of the latest malicious software and its use in comprehensive comparative testing of security products.
AV-TEST has operated out of Magdeburg (Germany) since 2004 and employs more than 30 team members, professionals with extensive practical experience. The AV-TEST laboratories include 300 client and server systems, where more than 2,500 terabytes of independently collected test data, containing both malicious and harmless sample information, are stored and processed.