Ransomware has been widely adopted by cyber extortionists and malicious states, representing a possibly existential risk to companies that are breached. Modern versions of ransomware target all vulnerable resources, including online backup, making even partial recovery a challenging and costly exercise. Novel strains of ransomware such as Ryuk, Maze, Sodinokibi, Netwalker, DopplePaymer, LockBit and Nephilim have made the headlines, replacing WannaCry, Cerber, and Petya in prominence, elaborateness, and destructive impact.
90% of ransomware breaches are the result of innocuous-looking emails that have malicious hyperlinks or file attachments, and many are "zero-day" variants that can escape detection by traditional signature-based antivirus tools. Although user education and frontline detection are critical to protect against ransomware, leading practices demand that you expect that some malware will eventually succeed and that you put in place a strong backup solution that allows you to repair the damage rapidly with minimal losses.
Progent's ProSight Ransomware Preparedness Assessment is a low-cost service built around an online discussion with a Progent cybersecurity consultant skilled in ransomware defense and recovery. During this assessment Progent will cooperate directly with your Allen IT managers to gather critical data concerning your cybersecurity profile and backup processes. Progent will use this information to create a Basic Security and Best Practices Report detailing how to follow best practices for configuring and administering your cybersecurity and backup systems to prevent or recover from a ransomware assault.
Progent's Basic Security and Best Practices Assessment focuses on vital areas associated with crypto-ransomware defense and restoration recovery. The review addresses:
- Proper allocation and use of admin accounts
- Correct NTFS (New Technology File System) and SMB permissions
- Proper firewall configuration
- Safe Remote Desktop Protocol (RDP) connections
- Advice about AntiVirus (AV) filtering identification and configuration
The online interview process for the ProSight Ransomware Preparedness Checkup service lasts about one hour for a typical small business network and requires more time for larger or more complex environments. The report document contains recommendations for improving your ability to block or recover from a ransomware assault and Progent offers on-demand consulting services to help you to create an efficient security/backup solution tailored to your business requirements.
- Split permission architecture for backup integrity
- Backing up key servers such as AD
- Offsite backups including cloud backup to Azure
Ransomware is a variety of malicious software that encrypts or deletes files so they are unusable or are publicized. Ransomware often locks the target's computer. To prevent the damage, the target is asked to pay a certain amount of money, usually via a crypto currency like Bitcoin, within a short time window. There is no guarantee that delivering the ransom will restore the lost data or avoid its publication. Files can be altered or erased across a network depending on the victim's write permissions, and you cannot solve the military-grade encryption algorithms used on the hostage files. A common ransomware attack vector is tainted email, whereby the user is lured into interacting with by a social engineering technique known as spear phishing. This makes the email to appear to come from a trusted sender. Another common vulnerability is an improperly secured Remote Desktop Protocol port.
CryptoLocker ushered in the modern era of ransomware in 2013, and the monetary losses attributed to by the many strains of ransomware is said to be billions of dollars per year, more than doubling every two years. Famous attacks include WannaCry, and Petya. Current high-profile threats like Ryuk, DoppelPaymer and TeslaCrypt are more complex and have caused more havoc than earlier versions. Even if your backup/recovery procedures enable you to restore your encrypted data, you can still be hurt by exfiltration, where ransomed documents are exposed to the public. Because additional versions of ransomware are launched daily, there is no guarantee that conventional signature-based anti-virus tools will detect a new attack. If an attack does appear in an email, it is critical that your users have learned to be aware of phishing techniques. Your ultimate protection is a solid process for scheduling and keeping remote backups plus the use of reliable restoration platforms.
Contact Progent About the ProSight Ransomware Susceptibility Report in Allen
For pricing information and to learn more about how Progent's ProSight Ransomware Vulnerability Report can bolster your protection against ransomware in Allen, call Progent at 800-462-8800 or visit Contact Progent.