Ransomware has become the weapon of choice for the major cyber-crime organizations and malicious states, representing a possibly lethal threat to businesses that are successfully attacked. Modern strains of crypto-ransomware go after all vulnerable resources, including backup, making even selective restoration a challenging and expensive process. Novel versions of ransomware like Ryuk, Maze, Sodinokibi, Mailto (aka Netwalker), DopplePaymer, Lockbit and Egregor have emerged, displacing Locky, Spora, and Petya in notoriety, elaborateness, and destructiveness.
90% of ransomware penetrations are the result of innocuous-seeming emails that include dangerous links or file attachments, and a high percentage are "zero-day" variants that can escape detection by legacy signature-based antivirus filters. While user training and up-front identification are important to defend your network against ransomware, best practices demand that you assume some attacks will inevitably succeed and that you deploy a solid backup mechanism that enables you to recover rapidly with little if any losses.
Progent's ProSight Ransomware Vulnerability Report is an ultra-affordable service built around an online interview with a Progent cybersecurity expert experienced in ransomware defense and repair. During this assessment Progent will cooperate directly with your Albuquerque network managers to collect pertinent information concerning your security configuration and backup processes. Progent will use this information to create a Basic Security and Best Practices Assessment documenting how to follow best practices for configuring and administering your security and backup solution to block or clean up after a ransomware assault.
Progent's Basic Security and Best Practices Assessment highlights key issues related to ransomware defense and restoration recovery. The review covers:
- Proper use of admin accounts
- Correct NTFS and SMB permissions
- Proper firewall setup
- Safe RDP configuration
- Recommend AntiVirus (AV) tools identification and deployment
The remote interview included with the ProSight Ransomware Preparedness Checkup service takes about one hour for the average small company and longer for bigger or more complex IT environments. The written report features recommendations for improving your ability to ward off or recover from a ransomware attack and Progent offers as-needed consulting services to assist you to create a cost-effective cybersecurity/backup solution customized for your specific needs.
- Split permission model for backup integrity
- Protecting key servers including AD
- Offsite backups including cloud backup to Microsoft Azure
Ransomware is a form of malicious software that encrypts or deletes files so they are unusable or are made publicly available. Ransomware sometimes locks the victim's computer. To prevent the carnage, the target is required to send a certain amount of money (the ransom), typically in the form of a crypto currency such as Bitcoin, within a short time window. It is not guaranteed that paying the ransom will recover the lost data or prevent its publication. Files can be encrypted or deleted throughout a network depending on the target's write permissions, and you cannot solve the military-grade encryption technologies used on the hostage files. A common ransomware delivery package is booby-trapped email, whereby the user is lured into interacting with by a social engineering technique called spear phishing. This makes the email message to look as though it came from a trusted source. Another common vulnerability is an improperly secured RDP port.
CryptoLocker opened the modern era of ransomware in 2013, and the damage attributed to by the many versions of ransomware is estimated at billions of dollars per year, more than doubling every two years. Famous attacks are WannaCry, and Petya. Recent high-profile threats like Ryuk, DoppelPaymer and Spora are more complex and have wreaked more damage than older versions. Even if your backup/recovery procedures permit you to restore your encrypted files, you can still be threatened by so-called exfiltration, where stolen documents are made public. Because additional variants of ransomware are launched every day, there is no certainty that traditional signature-matching anti-virus tools will detect the latest malware. If an attack does appear in an email, it is critical that your users have been taught to identify social engineering techniques. Your ultimate defense is a solid scheme for scheduling and keeping remote backups plus the deployment of reliable recovery tools.
Ask Progent About the ProSight Ransomware Preparedness Audit in Albuquerque
For pricing information and to learn more about how Progent's ProSight Crypto-Ransomware Susceptibility Audit can enhance your defense against crypto-ransomware in Albuquerque, phone Progent at 800-462-8800 or see Contact Progent.