Ransomware has been weaponized by cyber extortionists and rogue governments, posing a possibly lethal risk to businesses that fall victim. Modern versions of crypto-ransomware go after everything, including online backup, making even selective restoration a challenging and expensive exercise. Novel versions of ransomware such as Ryuk, Maze, Sodinokibi, Mailto (aka Netwalker), Phobos, Conti and Nephilim have emerged, displacing Locky, TeslaCrypt, and CryptoWall in prominence, elaborateness, and destructiveness.
90% of crypto-ransomware penetrations are caused by innocuous-seeming emails that include malicious links or file attachments, and a high percentage are "zero-day" strains that elude detection by traditional signature-matching antivirus tools. Although user education and frontline detection are important to defend against ransomware, leading practices dictate that you take for granted some malware will inevitably succeed and that you implement a strong backup solution that enables you to recover rapidly with minimal damage.
Progent's ProSight Ransomware Preparedness Assessment is a low-cost service built around an online interview with a Progent cybersecurity expert skilled in ransomware defense and recovery. During this interview Progent will work with your Alpharetta IT managers to gather critical data concerning your security profile and backup processes. Progent will utilize this information to produce a Basic Security and Best Practices Assessment documenting how to adhere to best practices for implementing and managing your cybersecurity and backup solution to block or clean up after a crypto-ransomware attack.
Progent's Basic Security and Best Practices Assessment highlights vital issues related to crypto-ransomware defense and restoration recovery. The review covers:
- Proper use of admin accounts
- Appropriate NTFS and SMB authorizations
- Proper firewall settings
- Secure Remote Desktop Protocol (RDP) configuration
- Recommend AntiVirus (AV) tools selection and deployment
The online interview for the ProSight Ransomware Vulnerability Assessment service takes about an hour for a typical small company and requires more time for bigger or more complex IT environments. The report document contains recommendations for enhancing your ability to block or clean up after a ransomware incident and Progent can provide as-needed expertise to help you and your IT staff to create a cost-effective cybersecurity/backup solution customized for your specific needs.
- Split permission model for backup integrity
- Backing up required servers including AD
- Offsite backups with cloud backup to Azure
Ransomware is a type of malicious software that encrypts or deletes a victim's files so they are unusable or are publicized. Ransomware sometimes locks the victim's computer. To prevent the damage, the target is required to send a specified amount of money, usually in the form of a crypto currency such as Bitcoin, within a short time window. It is not guaranteed that delivering the ransom will restore the damaged data or prevent its exposure to the public. Files can be altered or deleted across a network based on the target's write permissions, and you cannot solve the strong encryption algorithms used on the compromised files. A common ransomware attack vector is spoofed email, in which the user is tricked into interacting with by means of a social engineering technique known as spear phishing. This causes the email message to look as though it came from a familiar source. Another popular vulnerability is a poorly protected Remote Desktop Protocol port.
The ransomware variant CryptoLocker opened the modern era of crypto-ransomware in 2013, and the monetary losses caused by different versions of ransomware is said to be billions of dollars annually, more than doubling every two years. Notorious attacks include WannaCry, and NotPetya. Recent high-profile variants like Ryuk, Sodinokibi and Cerber are more complex and have caused more havoc than earlier strains. Even if your backup procedures enable you to recover your ransomed files, you can still be hurt by exfiltration, where ransomed documents are made public. Because new variants of ransomware are launched every day, there is no guarantee that conventional signature-based anti-virus tools will detect a new malware. If an attack does appear in an email, it is critical that your users have learned to identify social engineering techniques. Your ultimate protection is a solid scheme for performing and keeping remote backups plus the use of dependable recovery tools.
Contact Progent About the ProSight Crypto-Ransomware Susceptibility Audit in Alpharetta
For pricing information and to learn more about how Progent's ProSight Crypto-Ransomware Vulnerability Checkup can enhance your protection against crypto-ransomware in Alpharetta, phone Progent at 800-462-8800 or see Contact Progent.