Ransomware has been widely adopted by cyber extortionists and bad-actor states, posing a possibly lethal threat to businesses that are breached. The latest versions of ransomware target all vulnerable resources, including backup, making even selective recovery a complex and expensive exercise. New variations of crypto-ransomware such as Ryuk, Maze, Sodinokibi, Mailto (aka Netwalker), Phobos, Conti and Egregor have emerged, displacing Locky, TeslaCrypt, and Petya in notoriety, elaborateness, and destructive impact.
Most crypto-ransomware breaches come from innocent-looking emails that include malicious links or attachments, and a high percentage are so-called "zero-day" attacks that can escape the defenses of traditional signature-based antivirus (AV) tools. Although user education and up-front detection are critical to defend your network against ransomware, best practices demand that you take for granted some attacks will inevitably succeed and that you put in place a strong backup mechanism that permits you to restore files and services rapidly with little if any damage.
Progent's ProSight Ransomware Preparedness Assessment is an ultra-affordable service built around an online discussion with a Progent cybersecurity expert skilled in ransomware protection and repair. During this interview Progent will collaborate with your Alpharetta network managers to gather pertinent information about your security setup and backup processes. Progent will utilize this data to produce a Basic Security and Best Practices Report detailing how to follow best practices for implementing and administering your cybersecurity and backup systems to block or recover from a crypto-ransomware assault.
Progent's Basic Security and Best Practices Assessment focuses on key issues associated with crypto-ransomware prevention and restoration recovery. The report addresses:
- Correct allocation and use of admin accounts
- Correct NTFS (New Technology File System) and SMB authorizations
- Optimal firewall setup
- Safe RDP access
- Guidance for AntiVirus filtering selection and configuration
The online interview process for the ProSight Ransomware Preparedness Assessment service takes about one hour for the average small business and longer for bigger or more complex IT environments. The report document contains suggestions for enhancing your ability to ward off or recover from a ransomware assault and Progent can provide on-demand consulting services to assist you and your IT staff to create a cost-effective security/backup solution customized for your business needs.
- Split permission model for backup protection
- Protecting required servers such as Active Directory
- Offsite backups including cloud backup to Microsoft Azure
Ransomware is a type of malicious software that encrypts or deletes files so they are unusable or are publicized. Ransomware often locks the victim's computer. To avoid the damage, the victim is required to pay a specified ransom, typically via a crypto currency such as Bitcoin, within a brief period of time. There is no guarantee that paying the ransom will restore the lost files or avoid its publication. Files can be altered or erased throughout a network based on the target's write permissions, and you cannot solve the strong encryption technologies used on the compromised files. A common ransomware delivery package is booby-trapped email, in which the victim is lured into interacting with by means of a social engineering technique called spear phishing. This makes the email to appear to come from a trusted source. Another popular attack vector is an improperly secured RDP port.
CryptoLocker opened the modern era of crypto-ransomware in 2013, and the monetary losses attributed to by the many versions of ransomware is said to be billions of dollars annually, roughly doubling every other year. Notorious attacks are Locky, and NotPetya. Current high-profile variants like Ryuk, Sodinokibi and CryptoWall are more complex and have wreaked more havoc than older strains. Even if your backup procedures enable you to recover your encrypted files, you can still be threatened by so-called exfiltration, where ransomed documents are made public. Because additional versions of ransomware are launched daily, there is no certainty that traditional signature-matching anti-virus filters will block the latest malware. If threat does appear in an email, it is critical that your users have learned to identify phishing techniques. Your last line of defense is a sound scheme for performing and retaining remote backups and the use of dependable recovery platforms.
Ask Progent About the ProSight Crypto-Ransomware Preparedness Consultation in Alpharetta
For pricing information and to find out more about how Progent's ProSight Crypto-Ransomware Vulnerability Checkup can bolster your protection against ransomware in Alpharetta, call Progent at 800-462-8800 or see Contact Progent.