Ransomware has been weaponized by cybercriminals and rogue states, posing a potentially existential risk to businesses that are breached. Current variations of crypto-ransomware go after everything, including backup, making even partial recovery a complex and costly process. New versions of crypto-ransomware like Ryuk, Maze, Sodinokibi, Netwalker, Phobos, Conti and Egregor have emerged, displacing Locky, TeslaCrypt, and CryptoWall in prominence, sophistication, and destructive impact.
Most crypto-ransomware breaches are the result of innocent-seeming emails with dangerous hyperlinks or file attachments, and a high percentage are "zero-day" strains that can escape detection by traditional signature-based antivirus filters. Although user education and frontline identification are critical to protect against ransomware attacks, leading practices demand that you expect that some attacks will inevitably succeed and that you put in place a solid backup solution that allows you to restore files and services rapidly with minimal losses.
Progent's ProSight Ransomware Vulnerability Report is a low-cost service centered around a remote interview with a Progent security expert skilled in ransomware defense and repair. During this interview Progent will work with your Addison network management staff to collect pertinent information concerning your cybersecurity setup and backup environment. Progent will use this data to create a Basic Security and Best Practices Report detailing how to apply leading practices for configuring and managing your security and backup systems to prevent or clean up after a ransomware attack.
Progent's Basic Security and Best Practices Assessment focuses on key areas related to crypto-ransomware defense and restoration recovery. The report covers:
Cybersecurity
About Ransomware
Ransomware is a type of malware that encrypts or deletes files so they cannot be used or are made publicly available. Ransomware often locks the victim's computer. To prevent the damage, the victim is required to send a certain ransom, usually in the form of a crypto currency like Bitcoin, within a short time window. It is not guaranteed that paying the extortion price will restore the damaged files or prevent its publication. Files can be altered or erased throughout a network depending on the victim's write permissions, and you cannot break the strong encryption technologies used on the compromised files. A typical ransomware attack vector is booby-trapped email, whereby the target is tricked into responding to by a social engineering exploit known as spear phishing. This makes the email message to appear to come from a trusted source. Another popular attack vector is a poorly secured RDP port.
CryptoLocker ushered in the modern era of crypto-ransomware in 2013, and the monetary losses attributed to by the many strains of ransomware is said to be billions of dollars annually, roughly doubling every other year. Notorious examples include Locky, and NotPetya. Recent high-profile variants like Ryuk, Maze and TeslaCrypt are more elaborate and have caused more havoc than earlier versions. Even if your backup processes enable your business to restore your encrypted files, you can still be hurt by so-called exfiltration, where stolen data are made public (known as "doxxing"). Because new versions of ransomware are launched daily, there is no certainty that traditional signature-matching anti-virus tools will block a new malware. If an attack does show up in an email, it is important that your end users have been taught to be aware of social engineering tricks. Your ultimate protection is a sound scheme for performing and retaining remote backups and the deployment of dependable recovery platforms.
Contact Progent About the ProSight Crypto-Ransomware Preparedness Evaluation in Addison
For pricing information and to find out more about how Progent's ProSight Crypto-Ransomware Susceptibility Report can bolster your defense against ransomware in Addison, phone Progent at