Kaspersky Endpoint Security Cloud ensures 100% protection from ransomware, confirmed AV-TEST

October 2021 by Marc Jacob

For the last several years, ransomware has grown into an industry with plenty of malware families, dedicated criminal gangs and attacks-as-a-service. In Q2 2021 alone, 3,905 new ransomware modifications appeared in the wild, while 97,451 users were attacked globally, about 6.000 more than in the previous quarter, according to Kaspersky’s research. When getting to a system, such an attack spreads quickly from one machine to another, while the remediation and restoring files may last days or even weeks. To avoid such a painful and costly consequence, businesses should use a reliable and proven cybersecurity solution that can detect malicious activity and roll back the encryption.

AV-TEST examined 11 endpoint protection platforms for three scenarios: real-world ransomware attacks on user files stored in a local system, real-world ransomware attacks on user files located in a remote shared folder, and Proof of Concept of ransomware attacks on user files on a local system. During the test, the products were expected to detect ransomware activity and its files, block it, roll back any user files changes and eliminate the threat from the targeted system. The test included 25 ransomware families such as REvil, Ryuk, Conti, Lockbit, pysa, Ragnarlocker, Ransomexx and others, as well as 14 PoCs. Kaspersky Endpoint Security Cloud completely blocked 100% of attacks in all three scenarios with no single user file being encrypted, and threats were eliminated from the protected system. Kaspersky Endpoint Security Cloud scored the highest protection rate across all products tested, proving its value for businesses against this type of attack. It was able to protect business data in an employee’s desktop if it is attacked and in shared folders if they are compromised by existing ransomware families but also samples specially designed for the test. The latter, however, includes various real encryption techniques used by adversaries.

“Kaspersky offered a high level of protection against all ransomware attacks in our tests. It clearly outperformed the other reviewed products. Regardless of whether we’re speaking about Revil or Ryuk or Conti – none of them was effective and able to perform the malicious actions when Kaspersky was protecting the system,” says Andreas Marx, CEO, AV-TEST.

AV-TEST GmbH is an independent supplier of services in the fields of IT Security and Antivirus Research, focusing on the detection and analysis of the latest malicious software and its use in comprehensive comparative testing of security products.

AV-TEST has operated out of Magdeburg (Germany) since 2004 and employs more than 30 team members, professionals with extensive practical experience. The AV-TEST laboratories include 300 client and server systems, where more than 2,500 terabytes of independently collected test data, containing both malicious and harmless sample information, are stored and processed.