Press release

HORNE Cyber’s Simulation of Dangerous Ryuk Ransomware Can Now Be Tested by Municipalities and Businesses of Any Size, Safely & Affordably

Sponsored by Businesswire

HORNE Cyber recently announced a major update to Threat Runner, its proprietary, revolutionary security product that safely emulates authentic malware infections, providing situational awareness around data separation, network segmentation, and user permissions without encrypting files and sensitive data.

Specifically, the team of reverse-engineering practitioners and software developers responsible for Threat Runner has added a Ryuk variant, the same ransomware that affected the New Orleans government in December and is an increasing cyber threat. Ryuk has heavily targeted governments and municipalities, as well as private organizations. This variant is considered to be of high severity and is expected to see more attacks in the coming days and weeks.

“Ryuk is a high-profile threat that will continue to target organizations with a large attack surface, such as municipalities,” said Dr. Wesley McGrew, director of cyber operations at HORNE Cyber. “There is a misconception that it requires very large, costly consulting contracts to truly test your security against a threat like Ryuk. This is not true. We created Threat Runner from the ground up so that organizations can affordably test against real ransomware and boost their defenses, no matter size or budget.”

Ryuk targets a wide range of file types and, therefore, has the potential for a significant impact on any organization. Ryuk is deployed on systems through various means of attack, including social engineering campaigns and vulnerability exploitation. When infecting a targeted organization, an attacker compromises a system and then executes the Ryuk ransomware variant from a system with the greatest potential for impact.

“A wide variety of measures need to be taken to protect against Ryuk, including reducing the external attack surface, patching, user education, and network segmentation, and Threat Runner is the most attainable and efficient way to quickly diagnose your best path forward to increased security and preparedness,” added Dr. McGrew.

Threat Runner, from its launch in Summer 2019, was the first product to have launched and succeeded in reverse-engineering malware from the ground up, accurately emulating various malware threats while de-weaponizing them. Users can also understand which users, if targeted, would pose the greatest threat to the organization.

The Ryuk inclusion builds on the six malware variants Threat Runner initially launched with, including:

  • WannaCry
  • Bad Rabbit
  • Yatron
  • Not-Petya
  • Satan
  • Cerber

Threat Runner starts at an inexpensive price point of $750 for four simulations. Price packages increase with the number of threat simulations. Custom packages are available for larger companies wanting high volume or unlimited simulations.

Threat Runner is also easy-to-use, as simple as downloading directly from the Threat Runner website and running the program.

Once Threat Runner has completed its work, organizations will receive an interactive report with detailed findings and recommended steps for remediation. This report includes a list of compromised nodes and a network tree to visually show how far the emulated malware spread across the network— all of which gives you a valuable understanding of your organization’s weaknesses related to data separation, network segmentation, and user permissions.

For more information on Threat Runner and how you can run it, visit

About HORNE Cyber

HORNE Cyber provides offense-oriented cybersecurity services for clients in the areas of digital forensics and incident response, advanced penetration testing, strategic advisory, ERP services, regulatory compliance and IT assurance. HORNE Cyber is a wholly owned subsidiary of HORNE LLP, an accounting and advisory firm. Our Threat Runner product is managed out of Nashville, Tennessee, and supported by offices across the mid-Atlantic and Southeast. HORNE Cyber is committed to not only being the best cybersecurity partner for businesses and organizations of all sizes, but to aiding the world as much as it can by innovating with products like Threat Runner that will help the greater good and shore up cyber defenses for anyone who downloads the software. For more information, visit