Ransomware has been weaponized by cybercriminals and rogue states, posing a potentially existential risk to companies that are victimized. The latest versions of crypto-ransomware go after all vulnerable resources, including backup, making even partial recovery a complex and expensive exercise. Novel variations of ransomware like Ryuk, Maze, Sodinokibi, Netwalker, DopplePaymer, Snatch and Nephilim have emerged, displacing WannaCry, TeslaCrypt, and NotPetya in prominence, elaborateness, and destructive impact.
Most crypto-ransomware infections come from innocuous-looking emails that include malicious links or attachments, and a high percentage are "zero-day" attacks that can escape the defenses of traditional signature-based antivirus (AV) filters. While user education and frontline detection are critical to defend against ransomware, best practices demand that you expect that some malware will eventually succeed and that you implement a solid backup solution that enables you to restore files and services quickly with little if any losses.
Progent's ProSight Ransomware Vulnerability Report is a low-cost service centered around an online discussion with a Progent security consultant skilled in ransomware protection and recovery. During this interview Progent will collaborate with your Albany IT managers to gather pertinent information about your cybersecurity profile and backup environment. Progent will use this data to create a Basic Security and Best Practices Report documenting how to apply best practices for configuring and managing your cybersecurity and backup solution to prevent or clean up after a crypto-ransomware assault.
Progent's Basic Security and Best Practices Assessment focuses on vital issues related to crypto-ransomware defense and restoration recovery. The report addresses:
- Proper allocation and use of admin accounts
- Assigning NTFS and SMB permissions
- Proper firewall setup
- Safe Remote Desktop Protocol configuration
- Recommend AntiVirus (AV) filtering selection and deployment
The online interview process included with the ProSight Ransomware Vulnerability Report service lasts about one hour for a typical small business network and requires more time for larger or more complicated IT environments. The written report includes suggestions for improving your ability to ward off or recover from a ransomware incident and Progent offers on-demand consulting services to help you and your IT staff to create a cost-effective security/backup system tailored to your specific needs.
- Split permission architecture for backup protection
- Protecting key servers such as AD
- Offsite backups with cloud backup to Microsoft Azure
Ransomware is a variety of malicious software that encrypts or steals a victim's files so they are unusable or are publicized. Crypto-ransomware sometimes locks the target's computer. To prevent the carnage, the victim is asked to pay a certain amount of money (the ransom), typically in the form of a crypto currency like Bitcoin, within a short period of time. It is not guaranteed that paying the extortion price will restore the damaged files or avoid its exposure to the public. Files can be altered or deleted across a network based on the victim's write permissions, and you cannot break the strong encryption technologies used on the compromised files. A typical ransomware delivery package is tainted email, in which the victim is tricked into responding to by means of a social engineering exploit called spear phishing. This causes the email to look as though it came from a trusted sender. Another popular vulnerability is a poorly secured Remote Desktop Protocol (RDP) port.
The ransomware variant CryptoLocker ushered in the new age of ransomware in 2013, and the monetary losses caused by different strains of ransomware is estimated at billions of dollars annually, roughly doubling every other year. Famous examples are WannaCry, and NotPetya. Recent high-profile threats like Ryuk, Sodinokibi and CryptoWall are more elaborate and have caused more damage than older strains. Even if your backup/recovery procedures permit your business to restore your encrypted data, you can still be threatened by so-called exfiltration, where stolen documents are made public (known as "doxxing"). Because additional variants of ransomware crop up daily, there is no certainty that traditional signature-matching anti-virus filters will block a new attack. If an attack does show up in an email, it is critical that your end users have been taught to be aware of phishing tricks. Your last line of protection is a sound scheme for scheduling and keeping offsite backups plus the use of reliable recovery platforms.
Contact Progent About the ProSight Crypto-Ransomware Susceptibility Report in Albany
For pricing details and to find out more about how Progent's ProSight Crypto-Ransomware Readiness Assessment can bolster your defense against crypto-ransomware in Albany, phone Progent at 800-462-8800 or see Contact Progent.