What is Testing Ransomware?

Open 1 Answers 33 Views Technology
What is Testing Ransomware?

1 Answer

Testing Ransomware
  • The features to be considered when testing the ability of a security solution to detect ransomware:

    • At what point the ransomware is detected? (pre-execution or post-execution)

    • What kind of damage the ransomware was able to inflict before it was detected?

  • To evaluate the impact of a file encryptor ransomware sample, a realistic file system (preferably with a large volume of files in every directory) is required before starting the testing phase.

    • For example, the file system could include a documents folder, a pictures folder, and so on (files can be duplicated and renamed for the purpose).

    • This will facilitate the evaluation of:

      • The ability of the security solution/product to roll back the effects of the attack.
  • It is safest to test ransomware by using the "one at a time" method.

by (301k points)