Ransomware has become the weapon of choice for cybercriminals and bad-actor states, posing a potentially lethal risk to companies that are victimized. Current versions of crypto-ransomware target all vulnerable resources, including backup, making even selective restoration a long and expensive process. Novel strains of crypto-ransomware such as Ryuk, Maze, Sodinokibi, Netwalker, DopplePaymer, LockBit and Egregor have made the headlines, displacing Locky, TeslaCrypt, and NotPetya in prominence, elaborateness, and destructiveness.
90% of ransomware breaches come from innocent-looking emails that include dangerous links or file attachments, and a high percentage are so-called "zero-day" strains that can escape detection by traditional signature-based antivirus (AV) tools. While user education and frontline identification are important to defend against ransomware attacks, best practices demand that you take for granted some malware will eventually succeed and that you prepare a strong backup solution that allows you to restore files and services quickly with little if any losses.
Progent's ProSight Ransomware Preparedness Checkup is an ultra-affordable service built around a remote interview with a Progent cybersecurity expert skilled in ransomware protection and recovery. During this assessment Progent will cooperate directly with your Adelaide network managers to collect critical information about your security setup and backup environment. Progent will utilize this information to create a Basic Security and Best Practices Assessment detailing how to follow leading practices for configuring and managing your cybersecurity and backup systems to prevent or clean up after a ransomware assault.
Progent's Basic Security and Best Practices Report highlights vital issues related to crypto-ransomware defense and restoration recovery. The review addresses:
- Effective use of administration accounts
- Assigning NTFS (New Technology File System) and SMB (Server Message Block) permissions
- Optimal firewall configuration
- Secure Remote Desktop Protocol access
- Advice about AntiVirus tools selection and configuration
The remote interview process for the ProSight Ransomware Preparedness Assessment service lasts about one hour for the average small business network and longer for larger or more complicated environments. The written report features recommendations for improving your ability to ward off or recover from a ransomware attack and Progent offers as-needed expertise to help you to design and deploy a cost-effective security/data backup system tailored to your specific needs.
- Split permission architecture for backup integrity
- Backing up key servers such as AD
- Geographically dispersed backups with cloud backup to Microsoft Azure
Ransomware is a variety of malicious software that encrypts or deletes files so they are unusable or are made publicly available. Crypto-ransomware often locks the target's computer. To prevent the damage, the target is asked to send a certain amount of money, typically in the form of a crypto currency such as Bitcoin, within a short period of time. It is not guaranteed that delivering the extortion price will restore the lost data or prevent its exposure to the public. Files can be encrypted or erased across a network depending on the victim's write permissions, and you cannot break the military-grade encryption technologies used on the hostage files. A typical ransomware delivery package is booby-trapped email, whereby the target is lured into responding to by a social engineering technique called spear phishing. This makes the email to appear to come from a trusted source. Another common attack vector is an improperly secured RDP port.
CryptoLocker opened the modern era of crypto-ransomware in 2013, and the damage caused by the many strains of ransomware is estimated at billions of dollars per year, roughly doubling every two years. Notorious examples are WannaCry, and Petya. Current headline threats like Ryuk, Maze and CryptoWall are more sophisticated and have caused more havoc than older versions. Even if your backup procedures permit you to restore your ransomed data, you can still be hurt by exfiltration, where stolen data are exposed to the public. Because new variants of ransomware crop up daily, there is no guarantee that traditional signature-based anti-virus tools will block a new attack. If an attack does show up in an email, it is important that your end users have been taught to be aware of social engineering tricks. Your last line of protection is a solid scheme for scheduling and keeping offsite backups plus the use of reliable recovery tools.
Contact Progent About the ProSight Crypto-Ransomware Susceptibility Assessment in Adelaide
For pricing details and to learn more about how Progent's ProSight Crypto-Ransomware Preparedness Report can enhance your defense against crypto-ransomware in Adelaide, phone Progent at 800-462-8800 or visit Contact Progent.