Truth in IT
    • Sign In
    • Register
        • Videos
        • Channels
        • Pages
        • Galleries
        • News
        • Events
        • All
Truth in IT Truth in IT
  • Data Management ▼
    • Converged Infrastructure
    • DevOps
    • Networking
    • Storage
    • Virtualization
  • Cybersecurity ▼
    • Application Security
    • Backup & Recovery
    • Data Security
    • Identity & Access Management (IAM)
    • Zero Trust
    • Compliance & GRC
    • Endpoint Security
  • Cloud ▼
    • Hybrid Cloud
    • Private Cloud
    • Public Cloud
  • Webinar Library
  • TiPs
  • DRAW

Ransomware Protection for IBM i with Powertech Antivirus

Fortra
06/12/2026
0 (0%)
Share
  • Comments
  • Download
  • Transcript
Report Like Favorite
  • Share/Embed
  • Email
Link
Embed

Transcript


Ransomware protection is a critical component in securing your IBMI servers. The IBMI has always had a reputation for being invincible against these types of attacks. However, we've seen many systems attacked and damaged by ransomware. The all-too-common practice of sharing IFS directories, including the root directory, coupled with overprivileged users, has made the system vulnerable and created an easy target for threat actors. These weak points need to be guarded with the correct layers of protection. During a ransomware attack, any available discoverable share can be taken advantage of whether or not it's mapped as a drive by an end user. These attacks use the authority of the compromised user. Stopping these attacks can be very difficult because the actions being performed are valid actions against your files, and sometimes difficult to detect until it's too late. Removing the file shares can be helpful. However, if they're needed for valid business transactions, it's not always the best solution. Powertech Antivirus with AntiRansomware Protection can evaluate those actions for you and determine if the user's actions are malicious or not. Malicious actions can be blocked so that the attack is not allowed to continue, effectively reducing the blast zone of the attack and allowing you to take quick action to remediate the breach and protect your IBMI server.

TL;DR

  • IBM i systems are no longer immune to ransomware attacks, with shared IFS directories and overprivileged users creating exploitable vulnerabilities that threat actors actively target.
  • Ransomware attacks leverage compromised user credentials to perform valid file operations that are difficult to detect until significant damage has occurred, making traditional security approaches insufficient.
  • Powertech Antivirus with AntiRansomware Protection evaluates file system actions in real-time to distinguish malicious behavior from legitimate business operations, blocking attacks before they can spread across the environment.

Summary

This demonstration addresses the growing ransomware threat to IBM i servers, challenging the long-held belief that these systems are invincible to such attacks. The video explains how common misconfigurations—particularly shared IFS directories and overprivileged user accounts—create vulnerabilities that ransomware can exploit. Fortra's Powertech Antivirus with AntiRansomware Protection is presented as a solution that monitors file system actions in real-time, distinguishing between legitimate business operations and malicious activity. By blocking suspicious actions before they can spread, the solution aims to contain attacks quickly and minimize damage to IBM i environments. The approach recognizes that simply removing file shares isn't always practical for organizations that depend on them for business operations, offering instead a behavioral detection layer that works alongside existing security controls.

Chapters

0:00 - The Ransomware Threat Landscape
0:17 - IBM i Vulnerability Reality
0:44 - How Ransomware Exploits IBM i
1:16 - Powertech AntiRansomware Protection

Key Quotes

0:17 "The IBMI has always had a reputation for being invincible against these types of attacks."
0:22 "However, we've seen many systems attacked and damaged by ransomware."
0:26 "The all-too-common practice of sharing IFS directories, including the root directory, coupled with overprivileged users, has made the system vulnerable and created an easy target for threat actors."

FAQ

Why are IBM i systems vulnerable to ransomware if they have a reputation for being secure?

While IBM i has strong built-in security features, common misconfigurations like sharing the IFS root directory and granting excessive user privileges create attack vectors. Ransomware exploits these weaknesses by using compromised user credentials to perform valid file operations that traditional security controls don't flag as suspicious.

How does Powertech Antivirus detect ransomware without blocking legitimate business operations?

The solution uses behavioral analysis to evaluate file system actions in real-time, distinguishing between normal business transactions and malicious patterns characteristic of ransomware. When suspicious activity is detected, it blocks the actions immediately to contain the attack while allowing legitimate operations to continue.


Categories:
  • » Data Protection » Backup & Recovery
  • » Cybersecurity » Endpoint Security
  • » Data Protection
Channels:
News:
Events:
Tags:
  • Endpoint Management
  • Data Protection
  • Threat Intelligence
  • Technical Deep Dive
  • Demo
  • IBM i security
  • ransomware protection
  • IFS directory security
  • privileged access management
  • behavioral threat detection
  • file system monitoring
  • endpoint protection for IBM i
Show more Show less

Browse videos

  • Related
  • Featured
  • By date
  • Most viewed
  • Top rated
  •  

              Video's comments: Ransomware Protection for IBM i with Powertech Antivirus

              Upcoming Webinar Calendar

              • 06/17/2026
                12:00 PM
                06/17/2026
                Action1: The Remediation Gap: Vulnerability Management in the Age of AI
                https://www.truthinit.com/index.php/channel/2010/action1-the-remediation-gap-vulnerability-management-in-the-age-of-ai/
              • 06/23/2026
                01:00 PM
                06/23/2026
                The AI-Powered VMware Alternative
                https://www.truthinit.com/index.php/channel/2009/the-ai-powered-vmware-alternative/
              • 06/24/2026
                11:00 AM
                06/24/2026
                LATAM: Accelerating Insights on AI Through an Engaging Webinar Series
                https://www.truthinit.com/index.php/channel/2012/accelerating-insights-on-ai-through-an-engaging-webinar-series/
              • 06/25/2026
                01:00 PM
                06/25/2026
                Generative AI Security: Preventing AI from Becoming a Data Breach Multiplier
                https://www.truthinit.com/index.php/channel/1998/generative-ai-security-preventing-ai-from-becoming-a-data-breach-multiplier/
              • 07/01/2026
                04:00 AM
                07/01/2026
                Schutz von KI in Anwendungen, Agenten und APIs.
                https://www.truthinit.com/index.php/channel/2008/schutz-von-ki-in-anwendungen-agenten-und-apis/
              • 07/02/2026
                10:00 AM
                07/02/2026
                Resilience Insights from Hybrid Threats When the Cloud Faces Challenges
                https://www.truthinit.com/index.php/channel/2011/resilience-insights-from-hybrid-threats-when-the-cloud-faces-challenges/

              Upcoming Events

              • Jun
                17

                Action1: The Remediation Gap: Vulnerability Management in the Age of AI

                06/17/202612:00 PM ET
                • Jun
                  23

                  The AI-Powered VMware Alternative

                  06/23/202601:00 PM ET
                  • Jun
                    24

                    LATAM: Accelerating Insights on AI Through an Engaging Webinar Series

                    06/24/202611:00 AM ET
                    • Jun
                      25

                      Generative AI Security: Preventing AI from Becoming a Data Breach Multiplier

                      06/25/202601:00 PM ET
                      • Jul
                        01

                        Schutz von KI in Anwendungen, Agenten und APIs.

                        07/01/202604:00 AM ET
                        More events
                        Truth in IT
                        • Sponsor
                        • About Us
                        • Terms of Service
                        • Privacy Policy
                        • Contact Us
                        • Preference Management
                        Desktop version
                        Standard version