Check if users are vulnerable to common malware threats using the Malware Simulation.
An advanced persistent threat (APT) is a network attack where an unauthorized person gains access to a network and remains undetected for a lengthy period of time stealing data. There are hundreds of millions of malware variations that make protecting against APT extremely challenging. LUCY’s Malware Simulation feature can simulate such attack patterns. This is the only LUCY module where employee involvement is unnecessary because the scope of the testing is purely technical. It works more like a virus scanner that can be downloaded by an IT security officer onto a workstation, then is executed to measure the station’s robustness to combat possible APT attacks.
SIEM Testing: Vulnerability detection and client security testing using the Malware Simulation module report possible vulnerabilities and exploitative client software packages. LUCY contains custom client vulnerability detection routines developed and used by our own penetration testers on countless occasions. Client security testing allows you to analyze the posture of browsers installed in your organization. It checks if there are any exploitable hooks. The features are non-intrusive and monitored by the SysAdmin. Neither do regular users have access to them nor can data be transmitted anywhere if you do not want it to be.
Ransomware Simulation using the Malware Simulation module allows you to run a Ransomware attack without doing no harm. This special templates checks if it would be possible to encrypt your personal data and ‘protect’ it with a password. The feature is non-intrusive and done with a copy of the dataset on a separate location. The original data is not touched. It is monitored by the SysAdmin at customers side. Neither do regular users have access to it nor can data be transmitted anywhere if you do not want it be.
The penetration test kit – Unlike the ‘technical’ Malware Simulation, which tries to harvest low-hanging fruit, the Penetration Test Kit allows users to execute individual threat scenarios and actions from the penetration tester or the system administrator. It can thus be assessed to what extent attacks like the Sony Hack or the Carbanak APT Case would be possible and to what extent the particular context of the client IT environment should be taken into account.
Droppers and macro converters for protection checking against code injections – Can malicious code be deployed and executed in the targeted network? Can it be done using Java or a Microsoft Office macro? LUCY provides dedicated dropper functionality in order to assess how and to what extent code can be introduced into a target and executed. In order to ensure the safety of this solution, only exclusive LUCY executables are, or can, be used.