On March 31st, the results of the latest round of the MITRE ATT&CK® Evaluations for security solutions were released. This year, 30 security solutions from leading cybersecurity companies, including Bitdefender, were tested on their ability to detect the tactics and techniques of Wizard Spider and Sandworm Team.
This 4th round of the MITRE evaluations focused on the Data Encrypted for Impact technique (T1486). Adversaries may encrypt data on target systems or on large numbers of systems in a network to interrupt the availability of system and network resources. Wizard Spider, known for the Ryuk (S0446) and Conti (S0575) malware, was selected to represent the ransomware industry. The Sandworm Team, known for the NotPetya malware (S0368), represents the more sinister class of wiper malware, which is designed to cause irreversible destruction. Both are very timely selections – Conti ransomware is under detailed scrutiny by security researchers after a recent leak, while wipers like NotPetya are commonly being deployed in Ukraine amidst the ongoing war.
What makes MITRE ATT&CK® Evaluations unique and valuable?
In a market filled with over-hyped claims, validating capabilities through independent third-party testing