• The Four Hundred
  • Subscribe
  • Media Kit
  • Contributors
  • About Us
  • Contact
Menu
  • The Four Hundred
  • Subscribe
  • Media Kit
  • Contributors
  • About Us
  • Contact
  • Raz-Lee Simulates Ransomware Attack on IBM i

    August 12, 2020 Alex Woodie

    How would your IBM i server react to a ransomware attack? Would it successfully repel the invaders, or would it give the bad guys what they’re after: chaos and bitcoin? Simulating a ransomware attack is the gist of a new feature in Anti-Ransomware from Raz-Lee Security, which recently shipped a new release of the software.

    Raz-Lee Security debuted Anti-Ransomware back in 2018, a year after a pair of widespread ransomware attacks (WannaCry and Petya) made the computing world sit up and take notice of the new security threat blossoming on the Internet.

    Anti-Ransomware uses a rules-based approach to detect the presence of active ransomware on IBM i servers. It specifically looks for activity involving IFS, the Windows-like file system that is susceptible to Windows malware, and which is the most common target of ransomware attacks on IBM i.

    The software monitors the customer’s IFS for any unusual activity or changes to file names or extensions, which can be signs that a ransomware is active. If it detects potential ransomware activity, the software stops the attack by disconnecting the IBM i from the network. It also sends alerts to administrators and SIEM (security information and event management) systems, and can also shut down the PC that’s the source of the attack.

    With the new release of Anti-Ransomware unveiled last month, Raz-Lee is including a new PC-based component that launches a simulated ransomware on the IBM i server. The attacks, which can emulate attacks known as Sodinokibi, Ryuk, CryptoLocker, or WannaCry, can help to pinpoint problems in the company’s ransomware response ahead of time.

    “Simulated attacks are completely safe, but the IBM i sees them as realistic ransomware attacks,” the company states. “With these combined capabilities, organizations can have confidence that their IBM i is well protected.”

    Running a simulated attack helps IBM i shops fine-tune the product, says Shmuel Zailer, CEO of Raz-Lee Security.

    The new attack simulator feature in Raz-Lee’s Anti-Ransomware offering helps users fine-tune the product and gives them the assurance that it’s working.

    “It is the only way to verify that Anti-Ransomware is properly installed and working,” he tells IT Jungle via email. “It helps you learn how many files you would allow to be compromised before reacting, eliminating false positive alerts.”

    IBM i shops aren’t immune to ransomware. There are no reports of data stored in the Db2 for i database being corrupted by a ransomware attacks, but several customers have reported the contents of their IFS stores being encrypted.

    In a 2017 webinar, representatives of HelpSystems related stories of two IBM i shops that fell victim to ransomware attacks, including one that paid the $200,000 ransom to get the encryption key; the other had good backups, but still required a month to rebuild the system.

    IBM i shops should continue to be vigilant regarding potential Internet-born threats during the current period of unrest, Zailer says.

    “During this COVID-19 pandemic, ransomware and other cyber-attacks have increased, targeting healthcare, financial, and government organizations,” Zailer states in a press release. “Cybercriminals are looking to take advantage of this global crisis. Now more than ever, it is important to ensure that IT systems are safe.”

    Zailer pointed out that Sapiens, a developer of decision management software that runs on IBM i and other platforms, recently fell victim to a ransomware attack. The company, which has operations in the United States and Israel, paid $250,000 in bitcoin to get the decryption key, according to an article in CTech.

    It’s unclear what systems at Sapiens were involved in the attack, but there is some speculation that the work-from-home mandate instituted by many companies in response to the COVID-19 pandemic may have played a role.

    RELATED STORIES

    Raz-Lee Debuts Anti-Ransomware For IBM i

    Assessing The Ransomware Threat On IBM i

    Ransomware Raises The Stakes For Data Insurance

    Share this:

    • Reddit
    • Facebook
    • LinkedIn
    • Twitter
    • Email

    Tags: Tags: CryptoLocker, DB2 for i, IBM i, IFS, Ransomware, Raz-Lee Security, Ryuk, Sodinokibi, WannaCry

    Sponsored by
    New Generation Software

    Free NGS-IQ Webinar: A Better Way to Connect IBM i Data and Microsoft 365 Users.

    Business users rely on Excel, SharePoint, Access, and other Microsoft tools to view, analyze, and share data. But what if your data is too sensitive and complex to simply open up to non-technical users via ODBC and Microsoft 365’s query functions?

    Attend our webinar on June 22, 2022, and see how you can make the people you support smile even as you centrally manage and secure IBM i data access.

    www.ngsi.com– 800-824-1220

    Share this:

    • Reddit
    • Facebook
    • LinkedIn
    • Twitter
    • Email

    IBM Rolls Out ACS 1.1.8.5 Accelerating DX Does Not Necessarily Mean Spending More Bucks

    Leave a Reply Cancel reply

TFH Volume: 30 Issue: 48

This Issue Sponsored By

  • UCG Technologies
  • COMMON
  • Fresche Solutions
  • iTech Solutions
  • Raz-Lee Security

Table of Contents

  • Raz-Lee Simulates Ransomware Attack on IBM i
  • IBM Rolls Out ACS 1.1.8.5
  • Man-DB Brings Documentation to IBM i
  • Four Hundred Monitor, August 12
  • IBM i PTF Guide, Volume 22, Number 32

Content archive

  • The Four Hundred
  • Four Hundred Stuff
  • Four Hundred Guru

Recent Posts

  • IBM i 7.3 TR12: The Non-TR Tech Refresh
  • IBM i Integration Elevates Operational Query and Analytics
  • Simplified IBM i Stack Bundling Ahead Of Subscription Pricing
  • More Price Hikes From IBM, Now For High End Storage
  • Big Blue Readies Power10 And IBM i 7.5 Training for Partners
  • IBM Delivers More Out-of-the-Box Security with IBM i 7.5
  • Groundhog Day For Malware
  • IBM i Community Reacts to IBM i 7.5
  • Four Hundred Monitor, May 11
  • IBM i PTF Guide, Volume 24, Number 19

Subscribe

To get news from IT Jungle sent to your inbox every week, subscribe to our newsletter.

Pages

  • About Us
  • Contact
  • Contributors
  • Four Hundred Monitor
  • IBM i PTF Guide
  • Media Kit
  • Subscribe

Search

Copyright © 2022 IT Jungle

loading Cancel
Post was not sent - check your email addresses!
Email check failed, please try again
Sorry, your blog cannot share posts by email.