    Raz-Lee Simulates Ransomware Attack on IBM i

    August 12, 2020 Alex Woodie

    How would your IBM i server react to a ransomware attack? Would it successfully repel the invaders, or would it give the bad guys what they’re after: chaos and bitcoin? Simulating a ransomware attack is the gist of a new feature in Anti-Ransomware from Raz-Lee Security, which recently shipped a new release of the software.

    Raz-Lee Security debuted Anti-Ransomware back in 2018, a year after a pair of widespread ransomware attacks (WannaCry and Petya) made the computing world sit up and take notice of the new security threat blossoming on the Internet.

    Anti-Ransomware uses a rules-based approach to detect the presence of active ransomware on IBM i servers. It specifically looks for activity involving IFS, the Windows-like file system that is susceptible to Windows malware, and which is the most common target of ransomware attacks on IBM i.

    The software monitors the customer’s IFS for any unusual activity or changes to file names or extensions, which can be signs that ransomware is active. If it detects potential ransomware activity, the software stops the attack by disconnecting the IBM i from the network. It also sends alerts to administrators and SIEM (security information and event management) systems, and can shut down the PC that’s the source of the attack.

    With the new release of Anti-Ransomware unveiled last month, Raz-Lee is including a new PC-based component that launches a simulated ransomware attack on the IBM i server. The simulations, which can emulate attacks known as Sodinokibi, Ryuk, CryptoLocker, or WannaCry, can help to pinpoint problems in the company’s ransomware response ahead of time.

    “Simulated attacks are completely safe, but the IBM i sees them as realistic ransomware attacks,” the company states. “With these combined capabilities, organizations can have confidence that their IBM i is well protected.”

    Running a simulated attack helps IBM i shops fine-tune the product, says Shmuel Zailer, CEO of Raz-Lee Security.

    The new attack simulator feature in Raz-Lee’s Anti-Ransomware offering helps users fine-tune the product and gives them the assurance that it’s working.

    “It is the only way to verify that Anti-Ransomware is properly installed and working,” he tells IT Jungle via email. “It helps you learn how many files you would allow to be compromised before reacting, eliminating false positive alerts.”
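The rule described above (watch IFS renames for extension changes, react once a set number of files is affected) can be sketched as follows. This is an added illustration, not Raz-Lee's code: the event format, the client names, and the threshold and window values are assumptions, and the sample events are constructed.

```python
import posixpath
from collections import defaultdict, deque

# Constructed sample: (seconds, client, old_path, new_path) rename events on IFS paths.
SAMPLE_EVENTS = [
    (1.0, "pc-a", "/home/acct/q1.xlsx", "/home/acct/q1.xlsx.locked"),
    (1.5, "pc-a", "/home/acct/q2.xlsx", "/home/acct/q2.xlsx.locked"),
    (2.0, "pc-a", "/home/acct/q3.xlsx", "/home/acct/q3.xlsx.locked"),
    (2.5, "pc-a", "/home/acct/q4.xlsx", "/home/acct/q4.xlsx.locked"),
    (3.0, "pc-a", "/home/acct/q5.xlsx", "/home/acct/q5.xlsx.locked"),
    (2.0, "pc-b", "/home/hr/report.txt", "/home/hr/report.bak"),   # routine backup copy
    (50.0, "pc-b", "/home/hr/draft.txt", "/home/hr/final.txt"),    # same extension
    (100.0, "pc-b", "/home/hr/notes.txt", "/home/hr/notes.old"),
]

def extension_changed(old_path, new_path):
    """True when a rename alters the file's final extension (case-insensitive)."""
    old_ext = posixpath.splitext(old_path)[1].lower()
    new_ext = posixpath.splitext(new_path)[1].lower()
    return old_ext != new_ext

def detect(events, threshold=3, window=10.0):
    """Return {client: time of first alert}.

    A client alerts once it has made `threshold` extension-changing renames
    within `window` seconds, so `threshold` is also the number of files
    touched before any response (disconnect, alert) could begin.
    """
    recent = defaultdict(deque)   # client -> timestamps of suspicious renames
    alerts = {}
    for ts, client, old_path, new_path in sorted(events):
        if client in alerts or not extension_changed(old_path, new_path):
            continue
        times = recent[client]
        times.append(ts)
        while ts - times[0] > window:   # drop renames older than the window
            times.popleft()
        if len(times) >= threshold:
            alerts[client] = ts
    return alerts

if __name__ == "__main__":
    # Low threshold: false positive on pc-b. High threshold: pc-a is missed.
    for t in (1, 3, 6):
        print(t, detect(SAMPLE_EVENTS, threshold=t))
```

Replaying a known burst against different thresholds is the tuning exercise the quote refers to: a threshold of 1 flags the routine rename from pc-b, while a threshold of 6 lets the five-file burst from pc-a pass unnoticed.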

    IBM i shops aren’t immune to ransomware. There are no reports of data stored in the Db2 for i database being corrupted by a ransomware attack, but several customers have reported the contents of their IFS stores being encrypted.

    In a 2017 webinar, representatives of HelpSystems related stories of two IBM i shops that fell victim to ransomware attacks, including one that paid the $200,000 ransom to get the encryption key; the other had good backups, but still required a month to rebuild the system.

    IBM i shops should continue to be vigilant regarding potential Internet-borne threats during the current period of unrest, Zailer says.

    “During this COVID-19 pandemic, ransomware and other cyber-attacks have increased, targeting healthcare, financial, and government organizations,” Zailer states in a press release. “Cybercriminals are looking to take advantage of this global crisis. Now more than ever, it is important to ensure that IT systems are safe.”

    Zailer pointed out that Sapiens, a developer of decision management software that runs on IBM i and other platforms, recently fell victim to a ransomware attack. The company, which has operations in the United States and Israel, paid $250,000 in bitcoin to get the decryption key, according to an article in CTech.

    It’s unclear what systems at Sapiens were involved in the attack, but there is some speculation that the work-from-home mandate instituted by many companies in response to the COVID-19 pandemic may have played a role.

TFH Volume: 30 Issue: 48

Copyright © 2021 IT Jungle
