Ransomware has become the weapon of choice for cyber extortionists and rogue states, posing a potentially lethal threat to businesses that fall victim. Current strains of ransomware go after everything, including online backup, making even partial recovery a long and costly exercise. Novel versions of ransomware like Ryuk, Maze, Sodinokibi, Netwalker, Phobos, Conti and Egregor have emerged, displacing WannaCry, Cerber, and NotPetya in notoriety, elaborateness, and destructiveness.
90% of crypto-ransomware breaches come from innocent-looking emails that have malicious links or attachments, and many are so-called "zero-day" strains that elude the defenses of traditional signature-matching antivirus (AV) filters. While user training and frontline detection are critical to protect your network against ransomware, leading practices dictate that you assume some malware will eventually succeed and that you implement a strong backup mechanism that allows you to recover quickly with little if any losses.
Progent's ProSight Ransomware Vulnerability Report is an ultra-affordable service centered around an online interview with a Progent cybersecurity consultant skilled in ransomware defense and recovery. During this interview Progent will collaborate with your Alpharetta network managers to collect pertinent information concerning your cybersecurity setup and backup processes. Progent will use this data to create a Basic Security and Best Practices Assessment documenting how to adhere to best practices for implementing and managing your security and backup solution to block or recover from a crypto-ransomware attack.
Progent's Basic Security and Best Practices Report highlights vital areas related to ransomware prevention and restoration recovery. The report addresses:
- Correct allocation and use of admin accounts
- Correct NTFS (New Technology File System) and SMB (Server Message Block) permissions
- Proper firewall setup
- Secure Remote Desktop Protocol configuration
- Recommend AntiVirus tools identification and configuration
The remote interview for the ProSight Ransomware Preparedness Checkup service takes about an hour for the average small business network and requires more time for larger or more complex environments. The written report features recommendations for enhancing your ability to block or recover from a ransomware attack and Progent can provide on-demand consulting services to help your business to design and deploy an efficient security/data backup system tailored to your specific requirements.
- Split permission architecture for backup protection
- Protecting key servers including AD
- Geographically dispersed backups with cloud backup to Azure
Ransomware is a variety of malicious software that encrypts or steals a victim's files so they are unusable or are made publicly available. Ransomware sometimes locks the target's computer. To prevent the carnage, the target is required to pay a certain amount of money, typically via a crypto currency such as Bitcoin, within a brief time window. There is no guarantee that delivering the ransom will recover the damaged files or prevent its publication. Files can be encrypted or deleted throughout a network based on the target's write permissions, and you cannot reverse engineer the military-grade encryption technologies used on the hostage files. A common ransomware delivery package is tainted email, whereby the user is lured into interacting with by a social engineering exploit known as spear phishing. This makes the email message to look as though it came from a trusted sender. Another popular attack vector is a poorly secured Remote Desktop Protocol port.
CryptoLocker opened the modern era of ransomware in 2013, and the damage caused by the many versions of ransomware is said to be billions of dollars per year, more than doubling every two years. Famous examples are Locky, and NotPetya. Recent high-profile threats like Ryuk, Sodinokibi and Cerber are more sophisticated and have caused more damage than older strains. Even if your backup/recovery procedures enable you to restore your ransomed data, you can still be threatened by so-called exfiltration, where stolen data are made public. Because new variants of ransomware are launched every day, there is no guarantee that conventional signature-based anti-virus tools will block a new malware. If threat does appear in an email, it is important that your users have learned to be aware of social engineering techniques. Your last line of protection is a sound process for scheduling and retaining offsite backups plus the use of reliable restoration platforms.
Contact Progent About the ProSight Crypto-Ransomware Susceptibility Testing in Alpharetta
For pricing details and to learn more about how Progent's ProSight Ransomware Preparedness Consultation can bolster your protection against crypto-ransomware in Alpharetta, call Progent at 800-462-8800 or see Contact Progent.