Researcher takes on ransomware and the products for stopping it

Tom Temin And just a brief word on the ingenuity program, which is one of the major channels of MITRE’s work. And then tell us a little bit about the program that you specifically run for evaluating software.

William Booth Yeah. So I run a tech evaluations, which is born out of and based on either attack framework, which is really a way of describing cybersecurity tactics and techniques used in the real world. And we take that knowledge base and we apply it through evaluations to all the leading cohort of cybersecurity products.

Tom Temin In other words, you try to make sure that the products out there actually match and can take on what you know to be the real threats.

William Booth Yes. And that people have insights and a reference for performance on how they’re doing, both on the detections and on the protection side.

Tom Temin All right. And now the latest call out for industry to join with you, you’re looking at specifically what problem and what types of software?

William Booth We’re mostly focused this time on ransomware continues to be a leading issue both for private and for government. And so we’re tackling that through slightly different than before where we chose a single adversary. Here we’re using an amalgamation of multiple very prevalent and relevant ransomware attacks. And in addition to that, we’re also for the first time, introducing Mac OS, which is going to be focused on the DPR case activity. Recently, there’s a lot of products out there that cover Windows and Linux and also have Mac, but that’s kind of unknown right now on performance and where the benchmark is. And so we’re hoping to set that.

Tom Temin So the North Korea then is going after Macs for ransomware. And are they generally going after…