Ransomware has been widely adopted by cybercriminals and rogue states, representing a potentially existential risk to businesses that are breached. Modern versions of ransomware target all vulnerable resources, including backup, making even selective recovery a complex and expensive exercise. New strains of crypto-ransomware like Ryuk, Maze, Sodinokibi, Netwalker, DopplePaymer, Lockbit and Nephilim have made the headlines, displacing Locky, Spora, and CryptoWall in prominence, sophistication, and destructive impact.
Most crypto-ransomware penetrations are caused by innocent-seeming emails with malicious links or file attachments, and a high percentage are so-called "zero-day" attacks that elude the defenses of legacy signature-based antivirus filters. While user education and up-front detection are critical to defend your network against ransomware, leading practices demand that you take for granted some malware will inevitably succeed and that you put in place a strong backup solution that allows you to repair the damage rapidly with little if any damage.
Progent's ProSight Ransomware Preparedness Report is an ultra-affordable service centered around a remote interview with a Progent cybersecurity consultant skilled in ransomware defense and recovery. In the course of this interview Progent will work directly with your Anaheim IT managers to gather critical data about your security profile and backup environment. Progent will utilize this information to produce a Basic Security and Best Practices Assessment documenting how to adhere to best practices for implementing and administering your security and backup solution to prevent or recover from a crypto-ransomware assault.
Progent's Basic Security and Best Practices Assessment highlights key areas associated with ransomware defense and restoration recovery. The review covers:
- Proper allocation and use of admin accounts
- Assigning NTFS (New Technology File System) and SMB (Server Message Block) permissions
- Proper firewall configuration
- Safe RDP connections
- Advice about AntiVirus (AV) tools selection and configuration
The online interview included with the ProSight Ransomware Vulnerability Checkup service lasts about one hour for a typical small business network and requires more time for larger or more complicated environments. The written report contains suggestions for improving your ability to block or clean up after a ransomware incident and Progent can provide on-demand consulting services to help you to design and deploy a cost-effective cybersecurity/backup solution tailored to your specific needs.
- Split permission architecture for backup integrity
- Protecting critical servers including Active Directory
- Geographically dispersed backups including cloud backup to Azure
Ransomware is a type of malicious software that encrypts or steals a victim's files so they are unusable or are made publicly available. Ransomware often locks the victim's computer. To avoid the damage, the victim is asked to pay a certain amount of money (the ransom), usually via a crypto currency like Bitcoin, within a short period of time. It is not guaranteed that paying the extortion price will restore the damaged data or prevent its publication. Files can be altered or erased across a network based on the target's write permissions, and you cannot reverse engineer the strong encryption technologies used on the hostage files. A common ransomware delivery package is spoofed email, in which the user is tricked into responding to by a social engineering exploit called spear phishing. This makes the email to look as though it came from a familiar sender. Another popular vulnerability is an improperly secured RDP port.
The ransomware variant CryptoLocker ushered in the new age of crypto-ransomware in 2013, and the monetary losses attributed to by different versions of ransomware is said to be billions of dollars per year, more than doubling every other year. Notorious examples are Locky, and Petya. Recent headline threats like Ryuk, Sodinokibi and TeslaCrypt are more sophisticated and have caused more havoc than older versions. Even if your backup procedures permit you to recover your encrypted data, you can still be threatened by exfiltration, where ransomed data are made public. Because new variants of ransomware are launched daily, there is no guarantee that traditional signature-based anti-virus filters will detect a new attack. If threat does show up in an email, it is important that your users have learned to be aware of phishing tricks. Your last line of defense is a solid process for performing and retaining remote backups and the deployment of dependable restoration tools.
Ask Progent About the ProSight Ransomware Susceptibility Report in Anaheim
For pricing information and to learn more about how Progent's ProSight Crypto-Ransomware Preparedness Checkup can bolster your protection against crypto-ransomware in Anaheim, phone Progent at 800-462-8800 or visit Contact Progent.