Ransomware has been widely adopted by cybercriminals and bad-actor states, representing a possibly lethal risk to businesses that are victimized. The latest versions of ransomware target everything, including online backup, making even selective restoration a challenging and expensive process. New variations of ransomware like Ryuk, Maze, Sodinokibi, Netwalker, Phobos, LockBit and Egregor have emerged, displacing WannaCry, Cerber, and NotPetya in prominence, elaborateness, and destructiveness.
90% of ransomware breaches come from innocent-seeming emails that have dangerous links or file attachments, and many are so-called "zero-day" strains that can escape the defenses of legacy signature-matching antivirus (AV) filters. While user training and up-front identification are important to defend your network against ransomware, leading practices dictate that you assume some malware will eventually succeed and that you prepare a solid backup solution that allows you to restore files and services quickly with little if any losses.
Progent's ProSight Ransomware Preparedness Report is an ultra-affordable service centered around an online discussion with a Progent security expert experienced in ransomware protection and recovery. In the course of this assessment Progent will cooperate with your Adelaide network managers to gather critical information about your security setup and backup environment. Progent will utilize this data to generate a Basic Security and Best Practices Assessment documenting how to follow best practices for implementing and administering your cybersecurity and backup solution to prevent or clean up after a crypto-ransomware assault.
Progent's Basic Security and Best Practices Report highlights vital areas associated with ransomware defense and restoration recovery. The report addresses:
- Correct allocation and use of administration accounts
- Appropriate NTFS and SMB (Server Message Block) permissions
- Proper firewall configuration
- Secure RDP connections
- Recommend AntiVirus (AV) filtering identification and configuration
The remote interview for the ProSight Ransomware Preparedness Report service lasts about one hour for the average small business and requires more time for bigger or more complicated IT environments. The written report includes suggestions for improving your ability to block or recover from a ransomware assault and Progent offers on-demand consulting services to assist your business to create an efficient security/backup system tailored to your specific requirements.
- Split permission architecture for backup integrity
- Backing up key servers including Active Directory
- Offsite backups including cloud backup to Azure
Ransomware is a type of malicious software that encrypts or steals a victim's files so they cannot be used or are made publicly available. Ransomware sometimes locks the victim's computer. To prevent the damage, the target is asked to pay a certain amount of money (the ransom), usually via a crypto currency like Bitcoin, within a brief time window. It is never certain that delivering the ransom will restore the lost data or prevent its publication. Files can be encrypted or erased throughout a network based on the victim's write permissions, and you cannot solve the military-grade encryption technologies used on the compromised files. A common ransomware delivery package is tainted email, in which the user is tricked into interacting with by a social engineering technique known as spear phishing. This causes the email to look as though it came from a familiar sender. Another common attack vector is an improperly protected Remote Desktop Protocol port.
The ransomware variant CryptoLocker ushered in the modern era of crypto-ransomware in 2013, and the damage attributed to by different versions of ransomware is estimated at billions of dollars per year, roughly doubling every other year. Famous attacks are WannaCry, and Petya. Current high-profile variants like Ryuk, Sodinokibi and CryptoWall are more sophisticated and have wreaked more damage than earlier strains. Even if your backup/recovery procedures enable your business to restore your ransomed files, you can still be threatened by so-called exfiltration, where stolen documents are exposed to the public (known as "doxxing"). Because new variants of ransomware are launched every day, there is no certainty that traditional signature-matching anti-virus filters will detect the latest malware. If an attack does appear in an email, it is important that your end users have learned to be aware of social engineering techniques. Your ultimate protection is a sound scheme for scheduling and keeping remote backups and the deployment of reliable restoration tools.
Ask Progent About the ProSight Crypto-Ransomware Susceptibility Consultation in Adelaide
For pricing details and to learn more about how Progent's ProSight Crypto-Ransomware Preparedness Evaluation can enhance your protection against ransomware in Adelaide, call Progent at 800-462-8800 or see Contact Progent.