Ransomware has been widely adopted by cybercriminals and bad-actor governments, representing a possibly lethal risk to businesses that are victimized. The latest versions of ransomware go after everything, including online backup, making even selective recovery a challenging and costly exercise. Novel variations of crypto-ransomware such as Ryuk, Maze, Sodinokibi, Netwalker, Phobos, Conti and Egregor have made the headlines, displacing Locky, TeslaCrypt, and Petya in prominence, elaborateness, and destructive impact.
90% of ransomware breaches are caused by innocuous-looking emails with dangerous hyperlinks or attachments, and a high percentage are so-called "zero-day" variants that elude the defenses of legacy signature-matching antivirus (AV) filters. Although user training and frontline detection are important to protect against ransomware attacks, best practices demand that you assume some malware will eventually succeed and that you deploy a solid backup solution that enables you to restore files and services quickly with minimal losses.
Progent's ProSight Ransomware Vulnerability Checkup is an ultra-affordable service built around an online interview with a Progent cybersecurity expert experienced in ransomware defense and repair. In the course of this assessment Progent will work with your Adelaide network management staff to collect critical information concerning your security configuration and backup environment. Progent will utilize this data to create a Basic Security and Best Practices Report documenting how to adhere to best practices for implementing and administering your cybersecurity and backup solution to prevent or clean up after a crypto-ransomware attack.
Progent's Basic Security and Best Practices Assessment focuses on key issues associated with ransomware prevention and restoration recovery. The review covers:
- Effective allocation and use of administration accounts
- Correct NTFS and SMB (Server Message Block) permissions
- Optimal firewall settings
- Safe RDP access
- Guidance for AntiVirus tools selection and deployment
The remote interview process for the ProSight Ransomware Preparedness Assessment service takes about one hour for a typical small business and longer for larger or more complicated IT environments. The report document features suggestions for enhancing your ability to ward off or clean up after a ransomware assault and Progent offers as-needed consulting services to assist you and your IT staff to create an efficient cybersecurity/data backup system customized for your business needs.
- Split permission architecture for backup integrity
- Protecting required servers such as Active Directory
- Geographically dispersed backups with cloud backup to Microsoft Azure
Ransomware is a variety of malware that encrypts or deletes files so they cannot be used or are publicized. Ransomware sometimes locks the victim's computer. To prevent the carnage, the victim is required to send a specified ransom, usually via a crypto currency like Bitcoin, within a short period of time. There is no guarantee that paying the extortion price will recover the damaged files or prevent its exposure to the public. Files can be encrypted or deleted throughout a network depending on the target's write permissions, and you cannot reverse engineer the strong encryption algorithms used on the hostage files. A typical ransomware attack vector is spoofed email, in which the victim is tricked into responding to by a social engineering technique known as spear phishing. This makes the email message to look as though it came from a trusted source. Another common vulnerability is an improperly secured Remote Desktop Protocol port.
CryptoLocker ushered in the new age of crypto-ransomware in 2013, and the damage attributed to by different versions of ransomware is estimated at billions of dollars per year, more than doubling every other year. Notorious examples include Locky, and Petya. Recent high-profile variants like Ryuk, Sodinokibi and CryptoWall are more sophisticated and have caused more havoc than older strains. Even if your backup procedures allow you to recover your ransomed data, you can still be hurt by so-called exfiltration, where ransomed data are exposed to the public (known as "doxxing"). Because additional variants of ransomware are launched daily, there is no certainty that conventional signature-based anti-virus tools will block a new attack. If threat does show up in an email, it is critical that your end users have learned to identify social engineering tricks. Your last line of defense is a solid process for performing and retaining remote backups and the use of reliable restoration tools.
Ask Progent About the ProSight Crypto-Ransomware Readiness Assessment in Adelaide
For pricing details and to learn more about how Progent's ProSight Crypto-Ransomware Preparedness Consultation can bolster your protection against crypto-ransomware in Adelaide, call Progent at 800-462-8800 or see Contact Progent.