Ransomware has been weaponized by cybercriminals and rogue states, representing a possibly existential threat to companies that are breached. The latest strains of ransomware go after everything, including backup, making even partial restoration a long and expensive exercise. Novel strains of ransomware such as Ryuk, Maze, Sodinokibi, Mailto (aka Netwalker), Phobos, Conti and Egregor have made the headlines, replacing Locky, TeslaCrypt, and CryptoWall in notoriety, elaborateness, and destructiveness.
Most crypto-ransomware infections are the result of innocuous-looking emails that have malicious hyperlinks or attachments, and many are so-called "zero-day" strains that elude the defenses of legacy signature-based antivirus filters. Although user training and frontline identification are critical to protect your network against ransomware attacks, best practices demand that you expect that some malware will eventually get through and that you deploy a strong backup solution that enables you to repair the damage rapidly with little if any losses.
Progent's ProSight Ransomware Vulnerability Assessment is a low-cost service centered around a remote interview with a Progent cybersecurity expert skilled in ransomware defense and repair. During this assessment Progent will cooperate with your Alexandria network management staff to gather critical data about your security configuration and backup environment. Progent will utilize this information to produce a Basic Security and Best Practices Report documenting how to apply best practices for implementing and managing your security and backup solution to prevent or clean up after a ransomware attack.
Progent's Basic Security and Best Practices Report focuses on key areas associated with ransomware prevention and restoration recovery. The review covers:
- Correct use of administration accounts
- Assigning NTFS and SMB (Server Message Block) authorizations
- Proper firewall setup
- Safe Remote Desktop Protocol configuration
- Recommend AntiVirus tools selection and deployment
The online interview included with the ProSight Ransomware Preparedness Assessment service takes about one hour for a typical small company and requires more time for larger or more complex environments. The written report contains recommendations for enhancing your ability to ward off or clean up after a ransomware assault and Progent offers as-needed consulting services to assist you and your IT staff to create an efficient security/data backup system customized for your business needs.
- Split permission architecture for backup protection
- Protecting key servers including AD
- Offsite backups including cloud backup to Microsoft Azure
Ransomware is a type of malicious software that encrypts or deletes a victim's files so they are unusable or are publicized. Crypto-ransomware often locks the victim's computer. To avoid the carnage, the victim is asked to pay a certain amount of money, usually via a crypto currency like Bitcoin, within a short period of time. There is no guarantee that delivering the ransom will recover the lost files or prevent its publication. Files can be altered or erased throughout a network depending on the victim's write permissions, and you cannot solve the strong encryption technologies used on the compromised files. A typical ransomware attack vector is booby-trapped email, in which the target is tricked into interacting with by means of a social engineering exploit known as spear phishing. This makes the email message to appear to come from a familiar sender. Another popular vulnerability is a poorly protected Remote Desktop Protocol (RDP) port.
The ransomware variant CryptoLocker opened the modern era of ransomware in 2013, and the damage attributed to by the many strains of ransomware is said to be billions of dollars per year, more than doubling every two years. Notorious examples include WannaCry, and Petya. Recent headline variants like Ryuk, DoppelPaymer and CryptoWall are more complex and have wreaked more havoc than older strains. Even if your backup procedures enable your business to restore your encrypted files, you can still be hurt by so-called exfiltration, where ransomed data are exposed to the public. Because additional variants of ransomware are launched daily, there is no certainty that conventional signature-matching anti-virus tools will detect the latest malware. If an attack does show up in an email, it is important that your end users have learned to identify social engineering techniques. Your ultimate protection is a solid scheme for performing and retaining remote backups plus the deployment of reliable recovery platforms.
Ask Progent About the ProSight Ransomware Vulnerability Report in Alexandria
For pricing details and to find out more about how Progent's ProSight Ransomware Preparedness Review can enhance your protection against ransomware in Alexandria, phone Progent at 800-462-8800 or see Contact Progent.