Ransomware has been weaponized by the major cyber-crime organizations and rogue states, posing a possibly existential threat to businesses that are successfully attacked. Modern variations of ransomware go after everything, including backup, making even selective restoration a challenging and costly exercise. New strains of ransomware like Ryuk, Maze, Sodinokibi, Netwalker, DopplePaymer, LockBit and Egregor have emerged, replacing WannaCry, Spora, and Petya in prominence, elaborateness, and destructive impact.
90% of crypto-ransomware infections are the result of innocuous-looking emails that include dangerous links or file attachments, and a high percentage are so-called "zero-day" strains that elude detection by legacy signature-matching antivirus (AV) tools. While user education and frontline detection are important to protect against ransomware, leading practices demand that you assume some malware will eventually get through and that you put in place a solid backup mechanism that allows you to repair the damage rapidly with little if any losses.
Progent's ProSight Ransomware Vulnerability Checkup is an ultra-affordable service centered around a remote discussion with a Progent cybersecurity consultant experienced in ransomware protection and recovery. During this assessment Progent will cooperate with your Alexandria network management staff to gather pertinent information about your security setup and backup environment. Progent will utilize this data to generate a Basic Security and Best Practices Assessment documenting how to follow leading practices for configuring and managing your cybersecurity and backup systems to prevent or recover from a ransomware attack.
Progent's Basic Security and Best Practices Report focuses on vital areas associated with ransomware defense and restoration recovery. The report addresses:
- Correct use of admin accounts
- Assigning NTFS and SMB permissions
- Optimal firewall settings
- Safe Remote Desktop Protocol (RDP) connections
- Advice about AntiVirus filtering identification and configuration
The remote interview process included with the ProSight Ransomware Vulnerability Checkup service lasts about one hour for a typical small business network and longer for larger or more complicated IT environments. The report document includes recommendations for enhancing your ability to ward off or clean up after a ransomware assault and Progent offers on-demand expertise to help you to design and deploy a cost-effective security/backup system customized for your business requirements.
- Split permission model for backup protection
- Protecting required servers such as AD
- Geographically dispersed backups including cloud backup to Microsoft Azure
Ransomware is a variety of malicious software that encrypts or deletes files so they are unusable or are publicized. Crypto-ransomware often locks the target's computer. To prevent the damage, the victim is asked to send a certain amount of money (the ransom), usually in the form of a crypto currency such as Bitcoin, within a brief time window. There is no guarantee that delivering the ransom will recover the damaged data or prevent its publication. Files can be encrypted or deleted throughout a network based on the victim's write permissions, and you cannot solve the military-grade encryption technologies used on the hostage files. A typical ransomware delivery package is tainted email, whereby the target is tricked into interacting with by a social engineering technique called spear phishing. This makes the email to look as though it came from a trusted source. Another popular vulnerability is an improperly protected RDP port.
The ransomware variant CryptoLocker opened the modern era of ransomware in 2013, and the monetary losses caused by different versions of ransomware is said to be billions of dollars annually, roughly doubling every other year. Famous examples include Locky, and Petya. Current headline threats like Ryuk, Maze and TeslaCrypt are more sophisticated and have caused more havoc than earlier versions. Even if your backup/recovery processes enable you to recover your encrypted data, you can still be hurt by exfiltration, where ransomed data are made public. Because new versions of ransomware are launched every day, there is no certainty that conventional signature-matching anti-virus filters will detect the latest malware. If an attack does appear in an email, it is important that your users have learned to be aware of phishing techniques. Your last line of defense is a solid scheme for performing and retaining remote backups and the use of reliable recovery platforms.
Ask Progent About the ProSight Ransomware Preparedness Testing in Alexandria
For pricing details and to learn more about how Progent's ProSight Crypto-Ransomware Susceptibility Review can bolster your defense against ransomware in Alexandria, phone Progent at 800-462-8800 or visit Contact Progent.