• The Four Hundred
  • Subscribe
  • Media Kit
  • Contributors
  • About Us
  • Contact
Menu
  • The Four Hundred
  • Subscribe
  • Media Kit
  • Contributors
  • About Us
  • Contact
  • Raz-Lee Simulates Ransomware Attack on IBM i

    August 12, 2020 Alex Woodie

    How would your IBM i server react to a ransomware attack? Would it successfully repel the invaders, or would it give the bad guys what they’re after: chaos and bitcoin? Simulating a ransomware attack is the gist of a new feature in Anti-Ransomware from Raz-Lee Security, which recently shipped a new release of the software.

    Raz-Lee Security debuted Anti-Ransomware back in 2018, a year after a pair of widespread ransomware attacks (WannaCry and Petya) made the computing world sit up and take notice of the new security threat blossoming on the Internet.

    Anti-Ransomware uses a rules-based approach to detect the presence of active ransomware on IBM i servers. It specifically looks for activity involving IFS, the Windows-like file system that is susceptible to Windows malware, and which is the most common target of ransomware attacks on IBM i.

    The software monitors the customer’s IFS for any unusual activity or changes to file names or extensions, which can be signs that a ransomware is active. If it detects potential ransomware activity, the software stops the attack by disconnecting the IBM i from the network. It also sends alerts to administrators and SIEM (security information and event management) systems, and can also shut down the PC that’s the source of the attack.

    With the new release of Anti-Ransomware unveiled last month, Raz-Lee is including a new PC-based component that launches a simulated ransomware on the IBM i server. The attacks, which can emulate attacks known as Sodinokibi, Ryuk, CryptoLocker, or WannaCry, can help to pinpoint problems in the company’s ransomware response ahead of time.

    “Simulated attacks are completely safe, but the IBM i sees them as realistic ransomware attacks,” the company states. “With these combined capabilities, organizations can have confidence that their IBM i is well protected.”

    Running a simulated attack helps IBM i shops fine-tune the product, says Shmuel Zailer, CEO of Raz-Lee Security.

    The new attack simulator feature in Raz-Lee’s Anti-Ransomware offering helps users fine-tune the product and gives them the assurance that it’s working.

    “It is the only way to verify that Anti-Ransomware is properly installed and working,” he tells IT Jungle via email. “It helps you learn how many files you would allow to be compromised before reacting, eliminating false positive alerts.”

    IBM i shops aren’t immune to ransomware. There are no reports of data stored in the Db2 for i database being corrupted by a ransomware attacks, but several customers have reported the contents of their IFS stores being encrypted.

    In a 2017 webinar, representatives of HelpSystems related stories of two IBM i shops that fell victim to ransomware attacks, including one that paid the $200,000 ransom to get the encryption key; the other had good backups, but still required a month to rebuild the system.

    IBM i shops should continue to be vigilant regarding potential Internet-born threats during the current period of unrest, Zailer says.

    “During this COVID-19 pandemic, ransomware and other cyber-attacks have increased, targeting healthcare, financial, and government organizations,” Zailer states in a press release. “Cybercriminals are looking to take advantage of this global crisis. Now more than ever, it is important to ensure that IT systems are safe.”

    Zailer pointed out that Sapiens, a developer of decision management software that runs on IBM i and other platforms, recently fell victim to a ransomware attack. The company, which has operations in the United States and Israel, paid $250,000 in bitcoin to get the decryption key, according to an article in CTech.

    It’s unclear what systems at Sapiens were involved in the attack, but there is some speculation that the work-from-home mandate instituted by many companies in response to the COVID-19 pandemic may have played a role.

    RELATED STORIES

    Raz-Lee Debuts Anti-Ransomware For IBM i

    Assessing The Ransomware Threat On IBM i

    Ransomware Raises The Stakes For Data Insurance

    Share this:

    • Reddit
    • Facebook
    • LinkedIn
    • Twitter
    • Email

    Tags: Tags: CryptoLocker, DB2 for i, IBM i, IFS, Ransomware, Raz-Lee Security, Ryuk, Sodinokibi, WannaCry

    Sponsored by
    WorksRight Software

    Do you need area code information?
    Do you need ZIP Code information?
    Do you need ZIP+4 information?
    Do you need city name information?
    Do you need county information?
    Do you need a nearest dealer locator system?

    We can HELP! We have affordable AS/400 software and data to do all of the above. Whether you need a simple city name retrieval system or a sophisticated CASS postal coding system, we have it for you!

    The ZIP/CITY system is based on 5-digit ZIP Codes. You can retrieve city names, state names, county names, area codes, time zones, latitude, longitude, and more just by knowing the ZIP Code. We supply information on all the latest area code changes. A nearest dealer locator function is also included. ZIP/CITY includes software, data, monthly updates, and unlimited support. The cost is $495 per year.

    PER/ZIP4 is a sophisticated CASS certified postal coding system for assigning ZIP Codes, ZIP+4, carrier route, and delivery point codes. PER/ZIP4 also provides county names and FIPS codes. PER/ZIP4 can be used interactively, in batch, and with callable programs. PER/ZIP4 includes software, data, monthly updates, and unlimited support. The cost is $3,900 for the first year, and $1,950 for renewal.

    Just call us and we’ll arrange for 30 days FREE use of either ZIP/CITY or PER/ZIP4.

    WorksRight Software, Inc.
    Phone: 601-856-8337
    Fax: 601-856-9432
    Email: software@worksright.com
    Website: www.worksright.com

    Share this:

    • Reddit
    • Facebook
    • LinkedIn
    • Twitter
    • Email

    IBM Rolls Out ACS 1.1.8.5 Accelerating DX Does Not Necessarily Mean Spending More Bucks

    Leave a Reply Cancel reply

TFH Volume: 30 Issue: 48

This Issue Sponsored By

  • UCG Technologies
  • COMMON
  • Fresche Solutions
  • iTech Solutions
  • Raz-Lee Security

Table of Contents

  • Raz-Lee Simulates Ransomware Attack on IBM i
  • IBM Rolls Out ACS 1.1.8.5
  • Man-DB Brings Documentation to IBM i
  • Four Hundred Monitor, August 12
  • IBM i PTF Guide, Volume 22, Number 32

Content archive

  • The Four Hundred
  • Four Hundred Stuff
  • Four Hundred Guru

Recent Posts

  • Liam Allan Shares What’s Coming Next With Code For IBM i
  • From Stable To Scalable: Visual LANSA 16 Powers IBM i Growth – Launching July 8
  • VS Code Will Be The Heart Of The Modern IBM i Platform
  • The AS/400: A 37-Year-Old Dog That Loves To Learn New Tricks
  • IBM i PTF Guide, Volume 27, Number 25
  • Meet The Next Gen Of IBMers Helping To Build IBM i
  • Looks Like IBM Is Building A Linux-Like PASE For IBM i After All
  • Will Independent IBM i Clouds Survive PowerVS?
  • Now, IBM Is Jacking Up Hardware Maintenance Prices
  • IBM i PTF Guide, Volume 27, Number 24

Subscribe

To get news from IT Jungle sent to your inbox every week, subscribe to our newsletter.

Pages

  • About Us
  • Contact
  • Contributors
  • Four Hundred Monitor
  • IBM i PTF Guide
  • Media Kit
  • Subscribe

Search

Copyright © 2025 IT Jungle