Ransomware has been weaponized by cyber extortionists and bad-actor states, representing a possibly existential risk to companies that are successfully attacked. Modern strains of ransomware target all vulnerable resources, including backup, making even partial restoration a complex and costly exercise. New strains of crypto-ransomware such as Ryuk, Maze, Sodinokibi, Netwalker, DopplePaymer, Conti and Nephilim have made the headlines, replacing WannaCry, Cerber, and NotPetya in notoriety, elaborateness, and destructive impact.
Most crypto-ransomware infections are the result of innocuous-looking emails with dangerous hyperlinks or attachments, and many are "zero-day" strains that elude detection by traditional signature-matching antivirus (AV) tools. While user education and frontline identification are critical to defend against ransomware, best practices demand that you take for granted some attacks will eventually get through and that you prepare a strong backup solution that enables you to repair the damage rapidly with little if any damage.
Progent's ProSight Ransomware Preparedness Checkup is an ultra-affordable service centered around a remote discussion with a Progent cybersecurity consultant experienced in ransomware protection and repair. During this interview Progent will cooperate directly with your Allentown IT managers to collect critical data concerning your security setup and backup processes. Progent will utilize this information to produce a Basic Security and Best Practices Report documenting how to follow leading practices for configuring and managing your cybersecurity and backup solution to prevent or clean up after a ransomware attack.
Progent's Basic Security and Best Practices Report highlights key areas related to crypto-ransomware defense and restoration recovery. The review covers:
- Effective allocation and use of administration accounts
- Correct NTFS (New Technology File System) and SMB (Server Message Block) permissions
- Proper firewall configuration
- Safe RDP connections
- Advice about AntiVirus tools identification and configuration
The online interview for the ProSight Ransomware Vulnerability Assessment service lasts about an hour for the average small company and requires more time for larger or more complex environments. The written report includes recommendations for improving your ability to ward off or clean up after a ransomware attack and Progent can provide as-needed expertise to assist your business to design and deploy an efficient security/backup system tailored to your business needs.
- Split permission architecture for backup protection
- Backing up key servers including AD
- Geographically dispersed backups with cloud backup to Azure
Ransomware is a form of malicious software that encrypts or steals a victim's files so they cannot be used or are publicized. Crypto-ransomware sometimes locks the victim's computer. To avoid the damage, the victim is asked to pay a specified amount of money (the ransom), usually via a crypto currency such as Bitcoin, within a brief period of time. It is not guaranteed that delivering the ransom will restore the damaged files or avoid its exposure to the public. Files can be altered or deleted across a network depending on the target's write permissions, and you cannot solve the military-grade encryption technologies used on the hostage files. A common ransomware attack vector is booby-trapped email, whereby the victim is lured into interacting with by a social engineering technique known as spear phishing. This makes the email to appear to come from a trusted sender. Another popular vulnerability is a poorly secured Remote Desktop Protocol port.
CryptoLocker opened the new age of crypto-ransomware in 2013, and the damage attributed to by the many strains of ransomware is estimated at billions of dollars per year, roughly doubling every other year. Famous examples include WannaCry, and NotPetya. Current high-profile variants like Ryuk, DoppelPaymer and Spora are more sophisticated and have caused more havoc than earlier versions. Even if your backup processes enable your business to recover your ransomed files, you can still be threatened by exfiltration, where ransomed data are made public (known as "doxxing"). Because new variants of ransomware are launched every day, there is no certainty that traditional signature-based anti-virus tools will block the latest attack. If threat does appear in an email, it is important that your users have learned to identify social engineering tricks. Your ultimate defense is a sound scheme for scheduling and keeping offsite backups and the deployment of reliable recovery tools.
Ask Progent About the ProSight Ransomware Vulnerability Evaluation in Allentown
For pricing details and to learn more about how Progent's ProSight Crypto-Ransomware Vulnerability Checkup can enhance your protection against ransomware in Allentown, phone Progent at 800-462-8800 or see Contact Progent.