Ransomware has been widely adopted by the major cyber-crime organizations and malicious governments, representing a possibly existential risk to companies that are victimized. The latest versions of ransomware go after everything, including backup, making even selective restoration a complex and costly exercise. Novel variations of crypto-ransomware like Ryuk, Maze, Sodinokibi, Netwalker, Phobos, LockBit and Egregor have emerged, replacing WannaCry, TeslaCrypt, and Petya in notoriety, sophistication, and destructive impact.
90% of crypto-ransomware infections come from innocent-looking emails that have malicious links or attachments, and a high percentage are "zero-day" strains that elude detection by legacy signature-based antivirus (AV) tools. While user training and frontline identification are important to protect your network against ransomware, leading practices dictate that you take for granted some attacks will eventually get through and that you prepare a solid backup solution that enables you to restore files and services rapidly with little if any damage.
Progent's ProSight Ransomware Vulnerability Assessment is an ultra-affordable service built around a remote discussion with a Progent cybersecurity consultant skilled in ransomware defense and recovery. During this interview Progent will work directly with your Alpharetta IT management staff to gather critical data concerning your cybersecurity profile and backup processes. Progent will use this information to create a Basic Security and Best Practices Report detailing how to follow leading practices for configuring and administering your cybersecurity and backup solution to block or clean up after a ransomware assault.
Progent's Basic Security and Best Practices Assessment focuses on key issues associated with crypto-ransomware prevention and restoration recovery. The report covers:
- Proper use of administration accounts
- Correct NTFS and SMB (Server Message Block) authorizations
- Proper firewall setup
- Safe Remote Desktop Protocol (RDP) connections
- Advice about AntiVirus filtering identification and deployment
The remote interview for the ProSight Ransomware Vulnerability Report service takes about one hour for a typical small business and requires more time for larger or more complicated IT environments. The written report features suggestions for enhancing your ability to ward off or clean up after a ransomware incident and Progent offers as-needed consulting services to assist your business to design and deploy an efficient security/data backup system tailored to your business requirements.
- Split permission architecture for backup integrity
- Protecting critical servers including Active Directory
- Geographically dispersed backups with cloud backup to Microsoft Azure
Ransomware is a type of malware that encrypts or deletes files so they cannot be used or are made publicly available. Ransomware often locks the target's computer. To avoid the carnage, the target is asked to send a certain amount of money, typically in the form of a crypto currency like Bitcoin, within a brief time window. It is not guaranteed that paying the extortion price will recover the damaged files or prevent its exposure to the public. Files can be altered or deleted across a network based on the victim's write permissions, and you cannot solve the military-grade encryption technologies used on the hostage files. A common ransomware delivery package is booby-trapped email, whereby the target is lured into responding to by means of a social engineering technique known as spear phishing. This makes the email to look as though it came from a familiar sender. Another popular attack vector is a poorly secured Remote Desktop Protocol port.
The ransomware variant CryptoLocker opened the new age of ransomware in 2013, and the monetary losses caused by different strains of ransomware is said to be billions of dollars annually, more than doubling every two years. Famous examples are Locky, and NotPetya. Current headline variants like Ryuk, Sodinokibi and CryptoWall are more elaborate and have wreaked more havoc than earlier versions. Even if your backup procedures enable you to restore your encrypted data, you can still be threatened by so-called exfiltration, where ransomed documents are made public. Because new versions of ransomware are launched every day, there is no guarantee that traditional signature-based anti-virus tools will detect a new attack. If threat does appear in an email, it is critical that your end users have been taught to be aware of phishing techniques. Your last line of defense is a solid process for performing and retaining remote backups plus the deployment of dependable recovery tools.
Ask Progent About the ProSight Ransomware Susceptibility Checkup in Alpharetta
For pricing information and to learn more about how Progent's ProSight Crypto-Ransomware Readiness Report can bolster your defense against crypto-ransomware in Alpharetta, phone Progent at 800-462-8800 or visit Contact Progent.