Ransomware has been weaponized by the major cyber-crime organizations and malicious states, representing a potentially existential risk to companies that fall victim. Current variations of crypto-ransomware go after all vulnerable resources, including online backup, making even selective recovery a challenging and expensive process. Novel variations of ransomware like Ryuk, Maze, Sodinokibi, Netwalker, Phobos, Conti and Nephilim have emerged, replacing Locky, Spora, and Petya in prominence, sophistication, and destructiveness.
Most ransomware infections are caused by innocent-seeming emails that include dangerous hyperlinks or file attachments, and a high percentage are so-called "zero-day" attacks that can escape the defenses of legacy signature-based antivirus filters. While user training and frontline identification are critical to protect your network against ransomware, leading practices demand that you expect that some malware will inevitably succeed and that you implement a solid backup solution that permits you to restore files and services rapidly with little if any losses.
Progent's ProSight Ransomware Vulnerability Checkup is a low-cost service centered around an online discussion with a Progent security consultant skilled in ransomware defense and repair. In the course of this interview Progent will cooperate directly with your Atlanta IT managers to gather critical information concerning your security setup and backup environment. Progent will utilize this data to generate a Basic Security and Best Practices Report detailing how to follow leading practices for configuring and managing your security and backup systems to block or clean up after a ransomware assault.
Progent's Basic Security and Best Practices Assessment focuses on vital issues related to ransomware prevention and restoration recovery. The review covers:
- Effective use of administration accounts
- Appropriate NTFS (New Technology File System) and SMB (Server Message Block) authorizations
- Optimal firewall configuration
- Secure RDP connections
- Advice about AntiVirus tools selection and configuration
The remote interview process included with the ProSight Ransomware Preparedness Assessment service lasts about one hour for the average small company and requires more time for bigger or more complicated environments. The written report includes suggestions for improving your ability to block or recover from a ransomware attack and Progent offers as-needed consulting services to help you to create an efficient security/data backup solution customized for your business needs.
- Split permission architecture for backup protection
- Backing up key servers such as Active Directory
- Geographically dispersed backups with cloud backup to Azure
Ransomware is a type of malware that encrypts or deletes files so they cannot be used or are made publicly available. Crypto-ransomware often locks the victim's computer. To prevent the damage, the target is required to pay a certain amount of money, typically in the form of a crypto currency like Bitcoin, within a brief time window. There is no guarantee that delivering the extortion price will restore the lost files or prevent its publication. Files can be altered or erased across a network depending on the target's write permissions, and you cannot break the military-grade encryption technologies used on the hostage files. A typical ransomware delivery package is tainted email, in which the victim is lured into responding to by a social engineering exploit known as spear phishing. This causes the email to look as though it came from a familiar sender. Another common attack vector is an improperly secured RDP port.
CryptoLocker opened the new age of ransomware in 2013, and the monetary losses caused by different strains of ransomware is estimated at billions of dollars annually, roughly doubling every two years. Notorious attacks include Locky, and NotPetya. Current high-profile variants like Ryuk, DoppelPaymer and Spora are more elaborate and have caused more damage than older versions. Even if your backup/recovery procedures enable you to recover your ransomed files, you can still be threatened by exfiltration, where ransomed data are made public. Because additional variants of ransomware are launched daily, there is no certainty that conventional signature-based anti-virus tools will detect the latest attack. If threat does appear in an email, it is important that your end users have been taught to identify phishing techniques. Your ultimate protection is a solid scheme for performing and keeping offsite backups plus the use of reliable recovery tools.
Contact Progent About the ProSight Crypto-Ransomware Readiness Assessment in Atlanta
For pricing details and to find out more about how Progent's ProSight Crypto-Ransomware Susceptibility Audit can bolster your protection against crypto-ransomware in Atlanta, phone Progent at 800-462-8800 or see Contact Progent.