Atlanta Ransomware Protection and Remediation Consulting

Ransomware has been weaponized by the major cyber-crime organizations and bad-actor states, representing a possibly lethal risk to businesses that are breached. The latest variations of crypto-ransomware target everything, including backup, making even partial restoration a challenging and expensive process. New strains of ransomware such as Ryuk, Maze, Sodinokibi, Netwalker, Phobos, Conti and Egregor have made the headlines, displacing Locky, Spora, and Petya in prominence, elaborateness, and destructive impact.

Most ransomware infections come from innocent-looking emails that have dangerous links or file attachments, and a high percentage are so-called "zero-day" variants that elude detection by legacy signature-matching antivirus (AV) tools. Although user training and frontline detection are critical to protect your network against ransomware attacks, leading practices dictate that you assume some attacks will inevitably get through and that you put in place a solid backup mechanism that allows you to recover quickly with little if any losses.

Progent's ProSight Ransomware Vulnerability Checkup is a low-cost service centered around an online interview with a Progent security expert experienced in ransomware protection and repair. During this assessment Progent will work with your Atlanta IT managers to gather critical data concerning your security profile and backup environment. Progent will use this data to produce a Basic Security and Best Practices Assessment documenting how to adhere to best practices for configuring and managing your security and backup solution to block or recover from a ransomware attack.

Progent's Basic Security and Best Practices Assessment highlights vital areas associated with crypto-ransomware defense and restoration recovery. The review addresses:

Cybersecurity

• Correct allocation and use of administration accounts
• Correct NTFS and SMB permissions
• Optimal firewall configuration
• Safe Remote Desktop Protocol access
• Advice about AntiVirus tools selection and configuration

• Split permission model for backup protection
• Backing up required servers including AD
• Geographically dispersed backups with cloud backup to Azure

About Ransomware
Ransomware is a variety of malware that encrypts or steals a victim's files so they cannot be used or are made publicly available. Ransomware sometimes locks the target's computer. To prevent the damage, the target is required to pay a specified ransom, usually in the form of a crypto currency like Bitcoin, within a brief period of time. There is no guarantee that delivering the extortion price will restore the lost files or avoid its exposure to the public. Files can be encrypted or deleted across a network based on the target's write permissions, and you cannot break the military-grade encryption technologies used on the compromised files. A typical ransomware delivery package is spoofed email, whereby the target is lured into interacting with by a social engineering technique called spear phishing. This causes the email message to appear to come from a familiar source. Another popular vulnerability is a poorly secured Remote Desktop Protocol port.

The ransomware variant CryptoLocker opened the modern era of ransomware in 2013, and the monetary losses attributed to by the many strains of ransomware is said to be billions of dollars annually, roughly doubling every two years. Famous examples include Locky, and Petya. Recent headline threats like Ryuk, Maze and Cerber are more sophisticated and have caused more damage than older versions. Even if your backup processes enable your business to restore your ransomed data, you can still be threatened by exfiltration, where stolen data are exposed to the public (known as "doxxing"). Because new variants of ransomware are launched daily, there is no certainty that traditional signature-matching anti-virus tools will block a new attack. If threat does appear in an email, it is important that your users have learned to identify phishing tricks. Your ultimate defense is a sound scheme for performing and retaining remote backups and the deployment of dependable recovery tools.

Contact Progent About the ProSight Ransomware Readiness Assessment in Atlanta
For pricing information and to find out more about how Progent's ProSight Crypto-Ransomware Readiness Report can enhance your defense against crypto-ransomware in Atlanta, phone Progent at 800-462-8800 or visit Contact Progent.