Ransomware has been widely adopted by cyber extortionists and malicious governments, posing a potentially existential risk to companies that are successfully attacked. The latest strains of crypto-ransomware go after everything, including online backup, making even partial recovery a long and expensive exercise. New strains of ransomware like Ryuk, Maze, Sodinokibi, Mailto (aka Netwalker), DopplePaymer, LockBit and Egregor have emerged, displacing Locky, TeslaCrypt, and NotPetya in notoriety, elaborateness, and destructiveness.
90% of crypto-ransomware infections are caused by innocuous-seeming emails that include malicious links or attachments, and a high percentage are so-called "zero-day" variants that can escape detection by legacy signature-based antivirus (AV) tools. While user education and frontline identification are critical to defend against ransomware, leading practices demand that you assume some attacks will eventually get through and that you implement a strong backup solution that permits you to recover rapidly with minimal damage.
Progent's ProSight Ransomware Vulnerability Checkup is an ultra-affordable service built around a remote interview with a Progent cybersecurity consultant skilled in ransomware protection and repair. During this interview Progent will collaborate with your Addison IT management staff to collect pertinent data about your cybersecurity posture and backup environment. Progent will use this data to create a Basic Security and Best Practices Assessment detailing how to adhere to best practices for configuring and administering your cybersecurity and backup systems to prevent or recover from a crypto-ransomware assault.
Progent's Basic Security and Best Practices Assessment focuses on vital issues related to crypto-ransomware prevention and restoration recovery. The report covers:
- Correct allocation and use of administration accounts
- Correct NTFS and SMB (Server Message Block) permissions
- Optimal firewall configuration
- Safe RDP connections
- Guidance for AntiVirus (AV) filtering selection and deployment
The online interview process included with the ProSight Ransomware Vulnerability Checkup service takes about an hour for a typical small company and requires more time for bigger or more complex IT environments. The report document features recommendations for enhancing your ability to ward off or recover from a ransomware attack and Progent can provide as-needed consulting services to assist you and your IT staff to design and deploy a cost-effective cybersecurity/backup solution tailored to your specific needs.
- Split permission architecture for backup integrity
- Protecting critical servers including AD
- Geographically dispersed backups including cloud backup to Microsoft Azure
Ransomware is a form of malicious software that encrypts or deletes files so they are unusable or are made publicly available. Crypto-ransomware sometimes locks the victim's computer. To prevent the damage, the victim is asked to pay a specified amount of money, typically via a crypto currency like Bitcoin, within a brief time window. There is no guarantee that delivering the extortion price will restore the lost files or prevent its publication. Files can be altered or erased throughout a network based on the victim's write permissions, and you cannot solve the strong encryption technologies used on the hostage files. A typical ransomware delivery package is tainted email, whereby the user is lured into responding to by a social engineering technique known as spear phishing. This makes the email to appear to come from a familiar sender. Another popular vulnerability is a poorly secured RDP port.
The ransomware variant CryptoLocker ushered in the new age of ransomware in 2013, and the damage caused by the many strains of ransomware is said to be billions of dollars annually, more than doubling every other year. Notorious attacks are WannaCry, and Petya. Recent headline variants like Ryuk, Sodinokibi and CryptoWall are more complex and have caused more havoc than earlier versions. Even if your backup processes allow you to recover your ransomed data, you can still be threatened by exfiltration, where ransomed documents are made public (known as "doxxing"). Because additional variants of ransomware crop up daily, there is no guarantee that conventional signature-based anti-virus filters will detect the latest malware. If threat does show up in an email, it is critical that your end users have been taught to identify social engineering tricks. Your last line of protection is a sound scheme for performing and retaining remote backups and the deployment of dependable restoration tools.
Ask Progent About the ProSight Ransomware Readiness Testing in Addison
For pricing details and to find out more about how Progent's ProSight Ransomware Readiness Review can enhance your protection against crypto-ransomware in Addison, call Progent at 800-462-8800 or see Contact Progent.