Ransomware has been widely adopted by cyber extortionists and bad-actor governments, representing a potentially existential risk to businesses that are victimized. Modern strains of ransomware go after everything, including backup, making even selective restoration a complex and costly process. Novel versions of crypto-ransomware such as Ryuk, Maze, Sodinokibi, Netwalker, DopplePaymer, Conti and Nephilim have made the headlines, displacing Locky, Spora, and Petya in prominence, sophistication, and destructive impact.
Most crypto-ransomware penetrations come from innocent-seeming emails that have dangerous hyperlinks or file attachments, and a high percentage are "zero-day" variants that elude detection by traditional signature-based antivirus filters. Although user training and up-front identification are important to protect against ransomware, leading practices dictate that you assume some malware will eventually get through and that you prepare a solid backup mechanism that permits you to recover quickly with minimal damage.
Progent's ProSight Ransomware Preparedness Checkup is a low-cost service built around an online interview with a Progent cybersecurity consultant experienced in ransomware protection and repair. During this assessment Progent will collaborate directly with your Atlanta network management staff to collect pertinent data about your security configuration and backup processes. Progent will use this information to create a Basic Security and Best Practices Report documenting how to apply leading practices for configuring and managing your cybersecurity and backup solution to block or recover from a ransomware attack.
Progent's Basic Security and Best Practices Report highlights vital issues related to ransomware defense and restoration recovery. The report addresses:
- Correct use of admin accounts
- Assigning NTFS (New Technology File System) and SMB permissions
- Proper firewall settings
- Secure Remote Desktop Protocol (RDP) configuration
- Advice about AntiVirus tools identification and configuration
The remote interview for the ProSight Ransomware Preparedness Checkup service lasts about an hour for a typical small business network and requires more time for bigger or more complicated environments. The written report features recommendations for enhancing your ability to ward off or recover from a ransomware assault and Progent can provide on-demand expertise to help you to create an efficient cybersecurity/backup system tailored to your specific needs.
- Split permission architecture for backup protection
- Protecting key servers such as AD
- Geographically dispersed backups including cloud backup to Azure
Ransomware is a type of malware that encrypts or deletes files so they cannot be used or are made publicly available. Ransomware sometimes locks the target's computer. To avoid the carnage, the victim is asked to send a specified ransom, usually in the form of a crypto currency like Bitcoin, within a brief period of time. It is never certain that paying the ransom will recover the damaged data or prevent its exposure to the public. Files can be encrypted or erased throughout a network depending on the victim's write permissions, and you cannot reverse engineer the strong encryption technologies used on the compromised files. A typical ransomware attack vector is booby-trapped email, whereby the target is tricked into responding to by means of a social engineering technique called spear phishing. This causes the email message to look as though it came from a familiar source. Another popular vulnerability is an improperly protected Remote Desktop Protocol port.
The ransomware variant CryptoLocker ushered in the modern era of ransomware in 2013, and the monetary losses attributed to by different strains of ransomware is estimated at billions of dollars per year, more than doubling every two years. Famous examples include Locky, and Petya. Recent high-profile variants like Ryuk, DoppelPaymer and Spora are more sophisticated and have wreaked more havoc than earlier strains. Even if your backup procedures permit your business to recover your encrypted data, you can still be threatened by exfiltration, where stolen data are exposed to the public. Because additional versions of ransomware crop up daily, there is no certainty that conventional signature-based anti-virus filters will block the latest attack. If an attack does show up in an email, it is important that your end users have learned to be aware of social engineering tricks. Your last line of defense is a solid scheme for performing and retaining remote backups and the deployment of reliable restoration platforms.
Ask Progent About the ProSight Crypto-Ransomware Susceptibility Report in Atlanta
For pricing details and to find out more about how Progent's ProSight Crypto-Ransomware Vulnerability Evaluation can enhance your defense against crypto-ransomware in Atlanta, phone Progent at 800-462-8800 or visit Contact Progent.