1. About the game
What’s the idea?
The game is based around a quick and simple simulation of a scenario where a ransomware attack hits a medium-sized business. You’ll be able to prepare for the attack and choose your response accordingly.
1. About the game
What will I learn?
You’ll explore some of the hurdles – both technical and organizational – you might face if your organization’s hit by a ransomware attack. You’ll be testing your own reactions, and finding out how best to prepare and respond, together with what tools you might need to help deflect such an attack.
2. About the threats
How do attacks usually start?
Hackers love attacking endpoints (laptops, workstations, servers, IoT devices, etc.) and many attacks begin with phishing via email or websites. Other methods, like exploitation of public-facing apps and compromised accounts, are also very popular with attackers.
3. About your security
What can I do to prepare against an attack?
Have the right tools, like Endpoint Detection and Response (EDR) and/or Managed Detection and Response (MDR), and expertise on hand, and – most importantly – develop an incident response plan ahead of time, so you know what to do if and when disaster strikes.
3. About your security
Why can’t my Endpoint Protection Platform (EPP) catch evasive threats?
EPPs are great at preventing and automatically detecting endpoint attacks. But evasive threats often use legitimate system tools and employ evasion and persistence techniques, making it hard to respond automatically. That’s where investigation and response tools like EDR come in. Learn more about EPP versus EDR here.
4. About operations
What if we only have one person or a small team handling all aspects of cybersecurity?
Then a basic EDR tool like Kaspersky EDR Optimum, featuring high levels of automation and a quick and simple threat investigation and response approach, will be perfect for you. Most actions are performed in a single alert card, complete with response guidance and recommendations. Check out how it works here.
5. About growth
What if I know all this already?
Congratulations! You’re probably a cybersecurity specialist with quite some experience. Maybe you’d be interested in learning about ransomware Tactics, Techniques and Procedures (watch the webinar) or how you can face up to the complexity of infrastructures and toolsets in use today (read the whitepaper)?
6. About Kaspersky EDR Optimum
What is Kaspersky EDR Optimum?
Kaspersky EDR Optimum is a basic EDR tool that delivers straightforward defense-in-depth with no additional overheads. Automation features ensure that incidents are dealt with swiftly and with minimal human intervention. A strong EPP foundation combines with essential EDR functionality, providing fast and simple visibility, investigation and response. Learn more here.
6. About Kaspersky EDR Optimum
Where can I learn more?
Read up on our wider solution for mid-size organizations, Kaspersky Optimum Security, here and learn more about how to protect your business and infrastructure during these times of remote working and ransomware epidemics here. You can also try Kaspersky EDR Optimum for 30 days for free by following this link.
1. About the game
Who is this game for?
This isn’t a deep technical exercise, but it could well be worth taking a few minutes to play if you’re an IT or cybersecurity specialist or manager, or if you just think you’d enjoy exploring a day in the life of a cybersecurity specialist.
2. About the threats
What kinds of threat should I be aware of?
We separate all cyberthreats to organizations – everything from ransomware to malware or spyware – into three categories according to frequency and danger: commodity, evasive, and complex or targeted attacks. Any threat can hit any organization, so you need to be aware, and able to escalate your security level if needed.
2. About the threats
Are attacks really that frequent?
According to our data, 64% of organizations worldwide have already been hit, just by ransomware attacks. Two thirds believe there’s a high possibility of a ransomware and/or data theft attack on their infrastructure. Launching an attack can cost under $100, so taking a swing at cybercrime is unfortunately easy and cost-effective.
3. About your security
What can I do if I’ve been hit?
If, despite all your precautions, you become a victim of ransomware, first visit NoMoreRansom.org to see if there’s a decryptor already available. Otherwise, you can employ our help by using the Kaspersky Incident Response service.
4. About operations
How much time would I have to spend working with EDR?
With expert EDRs, you’ll probably be threat hunting and conducting other complex, time-consuming but important tasks. With basic EDR, as featured in our game, investigating and responding promptly should only take around 15-30 minutes per alert, depending on the complexity of the incident and your infrastructure.
4. About operations
What if I don’t have in-house expertise, but need protection against evasive threats?
If you don’t have enough hands on deck to handle cybersecurity effectively, think about a Managed Detection and Response (MDR) service. Kaspersky MDR, for example, provides help from our own experts who’ll handle the most taxing and complicated cybersecurity tasks for you, taking your security to the next level.
5. About growth
What if I need broader functionality?
Different organizations need different tools – depending on multiple factors including expertise, available time, resources, etc. For those with advanced knowledge of cybersecurity, we recommend taking a look at Kaspersky EDR Expert. Here you’ll find many additional capabilities, like threat hunting, Indicator of Attack detection and multiple response options.
6. About Kaspersky EDR Optimum
What are the benefits?
Combining EPP and EDR features, Kaspersky EDR Optimum helps prevent business disruption and associated losses by neutralizing threats, as well as giving your cybersecurity team the tools to investigate and respond to more advanced evasive threats. You can also scan proactively for current threats using an in-built Indicator of Compromise (IoC) scanner.
1. About the game
How do I play?
Just click on the video and start playing! You’ll be presented with a number of situations that could occur during your day-to-day operations, together with a set of choices. Choose what you feel is the right course of action - then see what happens!
2. About the threats
What are evasive threats?
Increasingly frequent and highly dangerous, evasive threats fall between easily thwarted commodity attacks and professionally launched complex attacks. Evasive attacks are based on ready-made tools available on the dark web, and they don’t require much expertise to launch. They’re persistent, use multiple evasion techniques and can use legitimate system tools (“Living Off The Land”).
3. About your security
What are the consequences of a ransomware attack?
Expect your backups to be compromised and encrypted, data stolen and exfiltrated for double ransom, and your business processes disrupted. Even if you pay the ransom, there’s no guarantee the data will be fully recovered. It’s best to have a plan (or a playbook) and the right protection tools beforehand.
3. About your security
What can I do to minimize the threat of ransomware or other malware?
A few key recommendations are: keep up-to-date with patches and updates, maintain a cybersafe culture through employee training, use strong endpoint protection, investigate threats using EDR or MDR, ensure your RDP and VPN configurations are safe, and don’t forget about VDI and public cloud workloads. You’ll find a checklist here.
4. About operations
Is the Total Cost of Ownership (TCO) for EDR high?
For cloud-deployed EDR, the TCO will be minimal – usually just the price of the license and your time. For on-premises installation, basic EDR like Kaspersky EDR Optimum will require a small server to host the console. Expert-level EDR might need a larger server to store all the telemetry data.
5. About growth
What if I want to upgrade my cybersecurity function, but don’t know where to start?
Try starting with a ransomware protection checklist, then build an incident response plan and finally establish what level of endpoint protection you need. Be aware of the threats your organization faces, and of your blind spots and weaknesses – including in gateways, public cloud workloads and VMs, endpoints, and also your own employees.
5. About growth
What if I need more than endpoint protection?
While endpoints are the attackers’ favorite way inside the organization, your whole infrastructure needs protection. We offer a wide range of tools for protection beyond the endpoint, like Kaspersky Anti Targeted Attack Platform for extended detection and response, as well as a number of cybersecurity services, MDR and Threat Intelligence.
6. About Kaspersky EDR Optimum
What are the key features?
Inherent next-gen endpoint security, advanced detection based on machine learning, and IoC scanning combine to enable accurate detection and prevention. Both automatic and semi-automatic investigation and response options give more visibility and control over your endpoints and your infrastructure.