Ransomware has become the weapon of choice for cyber extortionists and malicious states, posing a potentially lethal risk to companies that are successfully attacked. The latest versions of ransomware go after all vulnerable resources, including online backup, making even selective restoration a complex and expensive exercise. Novel strains of ransomware such as Ryuk, Maze, Sodinokibi, Netwalker, Phobos, Conti and Nephilim have made the headlines, replacing Locky, TeslaCrypt, and Petya in notoriety, elaborateness, and destructive impact.
90% of ransomware breaches come from innocent-looking emails with dangerous hyperlinks or file attachments, and a high percentage are "zero-day" strains that can escape the defenses of legacy signature-based antivirus filters. While user training and up-front detection are important to protect against ransomware attacks, best practices dictate that you expect that some attacks will inevitably succeed and that you implement a solid backup solution that permits you to repair the damage quickly with minimal losses.
Progent's ProSight Ransomware Vulnerability Report is a low-cost service centered around an online discussion with a Progent cybersecurity expert skilled in ransomware defense and repair. In the course of this interview Progent will work directly with your Albany IT management staff to gather pertinent data about your cybersecurity posture and backup processes. Progent will utilize this data to create a Basic Security and Best Practices Assessment detailing how to follow leading practices for implementing and administering your security and backup systems to block or recover from a ransomware attack.
Progent's Basic Security and Best Practices Report focuses on key issues related to ransomware defense and restoration recovery. The review addresses:
- Correct use of administration accounts
- Correct NTFS and SMB permissions
- Proper firewall settings
- Secure Remote Desktop Protocol configuration
- Recommend AntiVirus filtering selection and deployment
The remote interview process for the ProSight Ransomware Preparedness Report service takes about an hour for a typical small business and requires more time for bigger or more complex environments. The written report features suggestions for enhancing your ability to block or clean up after a ransomware assault and Progent offers as-needed consulting services to assist you and your IT staff to design and deploy a cost-effective cybersecurity/backup solution tailored to your specific needs.
- Split permission architecture for backup protection
- Protecting key servers such as AD
- Offsite backups with cloud backup to Microsoft Azure
Ransomware is a form of malware that encrypts or steals a victim's files so they cannot be used or are made publicly available. Ransomware often locks the target's computer. To avoid the carnage, the target is required to pay a specified amount of money, usually via a crypto currency like Bitcoin, within a short period of time. There is no guarantee that delivering the extortion price will recover the damaged data or avoid its publication. Files can be encrypted or deleted throughout a network depending on the victim's write permissions, and you cannot break the strong encryption technologies used on the compromised files. A common ransomware delivery package is tainted email, in which the user is tricked into responding to by a social engineering exploit called spear phishing. This makes the email to appear to come from a familiar source. Another common attack vector is an improperly protected RDP port.
CryptoLocker opened the new age of ransomware in 2013, and the damage caused by different versions of ransomware is said to be billions of dollars annually, more than doubling every other year. Notorious attacks include WannaCry, and Petya. Recent high-profile threats like Ryuk, Maze and CryptoWall are more sophisticated and have wreaked more havoc than earlier versions. Even if your backup/recovery processes allow your business to restore your ransomed files, you can still be hurt by exfiltration, where ransomed data are made public (known as "doxxing"). Because additional versions of ransomware crop up daily, there is no guarantee that traditional signature-based anti-virus tools will detect the latest attack. If an attack does appear in an email, it is critical that your end users have learned to identify social engineering tricks. Your ultimate protection is a solid process for scheduling and keeping remote backups and the deployment of reliable restoration platforms.
Contact Progent About the ProSight Ransomware Vulnerability Testing in Albany
For pricing details and to find out more about how Progent's ProSight Crypto-Ransomware Preparedness Checkup can enhance your defense against ransomware in Albany, phone Progent at 800-462-8800 or visit Contact Progent.