Ransomware has been weaponized by cybercriminals and malicious states, posing a potentially existential threat to businesses that are successfully attacked. Modern versions of ransomware go after everything, including backup, making even partial restoration a challenging and costly process. Novel versions of ransomware like Ryuk, Maze, Sodinokibi, Mailto (aka Netwalker), Phobos, Snatch and Nephilim have made the headlines, displacing Locky, TeslaCrypt, and Petya in prominence, elaborateness, and destructive impact.
Most crypto-ransomware breaches are caused by innocent-seeming emails with dangerous hyperlinks or attachments, and a high percentage are so-called "zero-day" variants that can escape the defenses of traditional signature-based antivirus filters. Although user education and up-front identification are important to protect your network against ransomware attacks, best practices demand that you expect that some attacks will eventually get through and that you implement a solid backup solution that permits you to repair the damage rapidly with little if any losses.
Progent's ProSight Ransomware Preparedness Assessment is an ultra-affordable service centered around an online interview with a Progent security expert experienced in ransomware defense and recovery. In the course of this interview Progent will cooperate with your Akron IT managers to collect pertinent data about your security configuration and backup environment. Progent will use this data to create a Basic Security and Best Practices Report detailing how to apply best practices for configuring and managing your cybersecurity and backup solution to block or clean up after a ransomware assault.
Progent's Basic Security and Best Practices Assessment highlights key issues related to ransomware prevention and restoration recovery. The report covers:
- Proper allocation and use of administration accounts
- Correct NTFS (New Technology File System) and SMB permissions
- Optimal firewall setup
- Secure RDP connections
- Advice about AntiVirus filtering selection and configuration
The online interview included with the ProSight Ransomware Preparedness Report service lasts about an hour for the average small company and requires more time for bigger or more complicated environments. The report document features suggestions for improving your ability to block or clean up after a ransomware incident and Progent offers on-demand expertise to assist your business to create an efficient cybersecurity/data backup system customized for your specific requirements.
- Split permission model for backup protection
- Backing up key servers including Active Directory
- Geographically dispersed backups including cloud backup to Microsoft Azure
Ransomware is a variety of malicious software that encrypts or deletes files so they cannot be used or are publicized. Ransomware often locks the victim's computer. To prevent the damage, the target is asked to send a certain amount of money (the ransom), usually in the form of a crypto currency like Bitcoin, within a brief period of time. It is never certain that delivering the ransom will restore the lost files or prevent its publication. Files can be encrypted or erased throughout a network based on the target's write permissions, and you cannot break the strong encryption technologies used on the compromised files. A common ransomware delivery package is spoofed email, in which the target is tricked into responding to by means of a social engineering technique known as spear phishing. This causes the email message to look as though it came from a familiar sender. Another popular attack vector is a poorly secured Remote Desktop Protocol port.
The ransomware variant CryptoLocker opened the new age of crypto-ransomware in 2013, and the damage caused by different versions of ransomware is estimated at billions of dollars annually, roughly doubling every other year. Famous examples are WannaCry, and NotPetya. Current headline variants like Ryuk, DoppelPaymer and TeslaCrypt are more sophisticated and have caused more havoc than older strains. Even if your backup procedures permit your business to restore your ransomed data, you can still be hurt by so-called exfiltration, where stolen data are made public (known as "doxxing"). Because new versions of ransomware crop up every day, there is no certainty that traditional signature-matching anti-virus tools will detect a new attack. If threat does show up in an email, it is important that your users have been taught to be aware of phishing techniques. Your last line of defense is a sound process for performing and retaining offsite backups plus the deployment of dependable recovery tools.
Ask Progent About the ProSight Crypto-Ransomware Susceptibility Assessment in Akron
For pricing information and to find out more about how Progent's ProSight Ransomware Readiness Audit can enhance your defense against ransomware in Akron, phone Progent at 800-462-8800 or visit Contact Progent.