Ransomware has been widely adopted by cyber extortionists and malicious governments, representing a possibly lethal risk to businesses that fall victim. The latest variations of ransomware target all vulnerable resources, including backup, making even selective recovery a complex and expensive process. Novel strains of crypto-ransomware such as Ryuk, Maze, Sodinokibi, Mailto (aka Netwalker), DopplePaymer, LockBit and Nephilim have emerged, replacing WannaCry, Spora, and NotPetya in prominence, elaborateness, and destructive impact.
Most crypto-ransomware penetrations are the result of innocent-looking emails with dangerous hyperlinks or file attachments, and a high percentage are "zero-day" attacks that elude detection by legacy signature-based antivirus filters. Although user training and frontline identification are important to defend your network against ransomware attacks, leading practices demand that you expect that some malware will inevitably get through and that you put in place a strong backup solution that enables you to recover quickly with minimal damage.
Progent's ProSight Ransomware Vulnerability Report is an ultra-affordable service centered around an online discussion with a Progent cybersecurity consultant experienced in ransomware protection and repair. During this interview Progent will work directly with your Albuquerque network managers to gather pertinent information about your security profile and backup environment. Progent will use this information to produce a Basic Security and Best Practices Report detailing how to apply best practices for implementing and managing your cybersecurity and backup systems to prevent or recover from a ransomware attack.
Progent's Basic Security and Best Practices Report focuses on key areas associated with crypto-ransomware defense and restoration recovery. The report addresses:
- Effective use of admin accounts
- Appropriate NTFS (New Technology File System) and SMB permissions
- Proper firewall settings
- Safe Remote Desktop Protocol (RDP) access
- Advice about AntiVirus (AV) tools selection and deployment
The online interview included with the ProSight Ransomware Vulnerability Report service lasts about an hour for the average small business network and requires more time for larger or more complex IT environments. The written report contains recommendations for improving your ability to ward off or clean up after a ransomware assault and Progent can provide on-demand consulting services to help your business to design and deploy an efficient security/backup solution tailored to your business needs.
- Split permission model for backup protection
- Backing up critical servers including Active Directory
- Offsite backups with cloud backup to Microsoft Azure
Ransomware is a type of malware that encrypts or steals files so they cannot be used or are publicized. Ransomware often locks the target's computer. To prevent the carnage, the target is asked to pay a specified amount of money, typically in the form of a crypto currency such as Bitcoin, within a short period of time. There is no guarantee that paying the extortion price will recover the damaged files or avoid its exposure to the public. Files can be encrypted or deleted throughout a network based on the target's write permissions, and you cannot solve the military-grade encryption technologies used on the hostage files. A common ransomware attack vector is booby-trapped email, whereby the user is lured into interacting with by a social engineering exploit known as spear phishing. This causes the email message to appear to come from a trusted source. Another common vulnerability is a poorly secured Remote Desktop Protocol (RDP) port.
CryptoLocker opened the new age of ransomware in 2013, and the monetary losses attributed to by different versions of ransomware is said to be billions of dollars annually, roughly doubling every two years. Famous examples are WannaCry, and NotPetya. Current high-profile threats like Ryuk, Sodinokibi and Spora are more complex and have wreaked more havoc than older versions. Even if your backup/recovery procedures enable your business to restore your encrypted files, you can still be hurt by so-called exfiltration, where stolen documents are exposed to the public (known as "doxxing"). Because additional variants of ransomware crop up every day, there is no certainty that conventional signature-based anti-virus filters will block a new attack. If threat does show up in an email, it is important that your users have learned to identify phishing tricks. Your last line of protection is a solid scheme for scheduling and keeping remote backups plus the deployment of dependable recovery tools.
Ask Progent About the ProSight Ransomware Preparedness Report in Albuquerque
For pricing information and to find out more about how Progent's ProSight Ransomware Preparedness Testing can enhance your defense against ransomware in Albuquerque, call Progent at 800-462-8800 or see Contact Progent.