Ransomware has been widely adopted by the major cyber-crime organizations and bad-actor states, representing a possibly existential risk to companies that fall victim. Current strains of ransomware go after everything, including online backup, making even selective restoration a complex and costly exercise. New variations of crypto-ransomware such as Ryuk, Maze, Sodinokibi, Netwalker, DopplePaymer, Conti and Egregor have made the headlines, displacing WannaCry, Spora, and CryptoWall in prominence, elaborateness, and destructive impact.
Most crypto-ransomware penetrations come from innocuous-looking emails that include malicious hyperlinks or attachments, and a high percentage are "zero-day" variants that elude the defenses of legacy signature-matching antivirus tools. Although user education and up-front detection are important to protect your network against ransomware attacks, leading practices dictate that you take for granted some malware will inevitably succeed and that you prepare a strong backup mechanism that permits you to restore files and services rapidly with little if any losses.
Progent's ProSight Ransomware Preparedness Assessment is a low-cost service centered around an online discussion with a Progent cybersecurity expert skilled in ransomware defense and recovery. In the course of this interview Progent will collaborate with your Allen IT management staff to gather pertinent information concerning your cybersecurity setup and backup processes. Progent will use this data to produce a Basic Security and Best Practices Assessment detailing how to follow leading practices for implementing and managing your security and backup solution to prevent or recover from a crypto-ransomware attack.
Progent's Basic Security and Best Practices Report highlights key issues associated with crypto-ransomware defense and restoration recovery. The report addresses:
- Correct allocation and use of admin accounts
- Assigning NTFS (New Technology File System) and SMB permissions
- Proper firewall setup
- Secure RDP configuration
- Guidance for AntiVirus tools selection and configuration
The remote interview included with the ProSight Ransomware Vulnerability Checkup service takes about one hour for the average small company and requires more time for bigger or more complicated environments. The written report contains recommendations for improving your ability to block or clean up after a ransomware attack and Progent offers on-demand expertise to help you to create a cost-effective cybersecurity/data backup solution tailored to your business requirements.
- Split permission model for backup integrity
- Protecting critical servers such as AD
- Offsite backups with cloud backup to Azure
Ransomware is a variety of malware that encrypts or steals files so they are unusable or are made publicly available. Crypto-ransomware sometimes locks the target's computer. To prevent the damage, the target is asked to send a specified ransom, usually in the form of a crypto currency such as Bitcoin, within a short period of time. It is not guaranteed that delivering the ransom will restore the damaged files or prevent its exposure to the public. Files can be altered or deleted across a network depending on the target's write permissions, and you cannot solve the military-grade encryption technologies used on the hostage files. A typical ransomware delivery package is booby-trapped email, in which the target is tricked into responding to by a social engineering technique called spear phishing. This makes the email to appear to come from a familiar sender. Another popular vulnerability is a poorly secured RDP port.
CryptoLocker opened the modern era of ransomware in 2013, and the monetary losses caused by the many strains of ransomware is estimated at billions of dollars per year, more than doubling every two years. Famous attacks are WannaCry, and NotPetya. Current high-profile variants like Ryuk, Maze and CryptoWall are more elaborate and have wreaked more damage than older strains. Even if your backup/recovery processes enable your business to recover your encrypted data, you can still be threatened by exfiltration, where ransomed data are exposed to the public. Because additional variants of ransomware are launched every day, there is no guarantee that traditional signature-matching anti-virus filters will detect a new malware. If threat does show up in an email, it is critical that your users have been taught to be aware of phishing tricks. Your ultimate protection is a sound process for scheduling and keeping remote backups and the deployment of reliable recovery platforms.
Contact Progent About the ProSight Ransomware Vulnerability Checkup in Allen
For pricing details and to learn more about how Progent's ProSight Crypto-Ransomware Vulnerability Review can bolster your defense against crypto-ransomware in Allen, call Progent at 800-462-8800 or visit Contact Progent.