Ransomware has been widely adopted by cybercriminals and rogue states, representing a potentially lethal risk to companies that are victimized. Modern versions of ransomware go after everything, including online backup, making even partial recovery a challenging and costly process. New versions of ransomware such as Ryuk, Maze, Sodinokibi, Netwalker, Phobos, Snatch and Nephilim have emerged, displacing WannaCry, Spora, and Petya in prominence, sophistication, and destructive impact.
Most ransomware breaches are the result of innocent-seeming emails that have dangerous hyperlinks or file attachments, and a high percentage are so-called "zero-day" attacks that elude detection by legacy signature-based antivirus tools. Although user training and up-front detection are important to protect against ransomware, best practices demand that you expect that some attacks will inevitably succeed and that you deploy a strong backup mechanism that enables you to restore files and services quickly with little if any damage.
Progent's ProSight Ransomware Preparedness Assessment is an ultra-affordable service centered around an online discussion with a Progent cybersecurity expert skilled in ransomware defense and recovery. During this assessment Progent will collaborate directly with your Adelaide IT management staff to collect critical information concerning your security setup and backup processes. Progent will utilize this data to create a Basic Security and Best Practices Report documenting how to adhere to leading practices for configuring and administering your security and backup systems to prevent or recover from a ransomware assault.
Progent's Basic Security and Best Practices Assessment focuses on vital issues related to crypto-ransomware defense and restoration recovery. The report covers:
- Effective use of admin accounts
- Correct NTFS and SMB authorizations
- Optimal firewall settings
- Secure Remote Desktop Protocol (RDP) configuration
- Recommend AntiVirus filtering selection and configuration
The online interview included with the ProSight Ransomware Vulnerability Checkup service lasts about one hour for the average small business network and requires more time for larger or more complex environments. The written report includes suggestions for enhancing your ability to block or recover from a ransomware attack and Progent can provide as-needed expertise to help you to create an efficient security/backup solution tailored to your specific needs.
- Split permission model for backup integrity
- Protecting critical servers including Active Directory
- Geographically dispersed backups including cloud backup to Microsoft Azure
Ransomware is a variety of malware that encrypts or deletes a victim's files so they are unusable or are publicized. Ransomware often locks the target's computer. To prevent the carnage, the target is required to pay a certain amount of money, typically in the form of a crypto currency like Bitcoin, within a brief time window. It is never certain that paying the extortion price will recover the lost files or prevent its exposure to the public. Files can be altered or erased throughout a network depending on the target's write permissions, and you cannot break the military-grade encryption algorithms used on the compromised files. A common ransomware delivery package is tainted email, whereby the user is lured into responding to by a social engineering technique called spear phishing. This makes the email message to look as though it came from a familiar source. Another popular attack vector is an improperly secured RDP port.
The ransomware variant CryptoLocker ushered in the new age of ransomware in 2013, and the damage attributed to by different versions of ransomware is estimated at billions of dollars annually, more than doubling every two years. Famous examples include Locky, and NotPetya. Recent headline threats like Ryuk, DoppelPaymer and Cerber are more elaborate and have wreaked more damage than earlier strains. Even if your backup processes allow you to recover your encrypted data, you can still be hurt by so-called exfiltration, where stolen documents are exposed to the public (known as "doxxing"). Because additional variants of ransomware crop up daily, there is no certainty that conventional signature-based anti-virus tools will block a new attack. If threat does show up in an email, it is important that your end users have been taught to identify phishing tricks. Your ultimate protection is a solid scheme for scheduling and retaining offsite backups and the deployment of dependable recovery tools.
Contact Progent About the ProSight Crypto-Ransomware Vulnerability Evaluation in Adelaide
For pricing details and to learn more about how Progent's ProSight Ransomware Susceptibility Evaluation can bolster your protection against crypto-ransomware in Adelaide, call Progent at 800-462-8800 or visit Contact Progent.