Ransomware has been widely adopted by the major cyber-crime organizations and bad-actor states, representing a potentially existential threat to companies that are successfully attacked. Current variations of ransomware go after all vulnerable resources, including online backup, making even selective recovery a long and expensive process. New variations of crypto-ransomware like Ryuk, Maze, Sodinokibi, Netwalker, Phobos, Snatch and Egregor have made the headlines, displacing WannaCry, TeslaCrypt, and NotPetya in prominence, sophistication, and destructiveness.
90% of ransomware penetrations are caused by innocuous-seeming emails with dangerous links or file attachments, and many are "zero-day" attacks that can escape the defenses of legacy signature-matching antivirus (AV) tools. Although user education and up-front detection are critical to defend against ransomware, best practices dictate that you take for granted some attacks will eventually succeed and that you prepare a strong backup mechanism that enables you to repair the damage quickly with little if any damage.
Progent's ProSight Ransomware Vulnerability Checkup is an ultra-affordable service centered around an online discussion with a Progent cybersecurity expert experienced in ransomware protection and repair. In the course of this interview Progent will cooperate with your Aurora IT management staff to collect critical information concerning your cybersecurity profile and backup processes. Progent will use this information to create a Basic Security and Best Practices Report documenting how to adhere to best practices for implementing and administering your cybersecurity and backup solution to block or recover from a crypto-ransomware assault.
Progent's Basic Security and Best Practices Assessment highlights vital issues associated with ransomware defense and restoration recovery. The review addresses:
- Correct allocation and use of administration accounts
- Assigning NTFS (New Technology File System) and SMB (Server Message Block) permissions
- Proper firewall setup
- Secure RDP connections
- Recommend AntiVirus (AV) filtering selection and configuration
The online interview included with the ProSight Ransomware Preparedness Report service takes about an hour for the average small business and requires more time for bigger or more complicated environments. The written report features suggestions for improving your ability to block or clean up after a ransomware assault and Progent offers as-needed consulting services to help your business to design and deploy an efficient security/backup solution tailored to your specific needs.
- Split permission model for backup protection
- Backing up key servers such as AD
- Offsite backups with cloud backup to Microsoft Azure
Ransomware is a form of malware that encrypts or deletes files so they are unusable or are publicized. Crypto-ransomware sometimes locks the victim's computer. To prevent the damage, the target is required to pay a specified ransom, usually via a crypto currency such as Bitcoin, within a short time window. It is not guaranteed that paying the extortion price will restore the lost files or avoid its exposure to the public. Files can be encrypted or deleted across a network based on the victim's write permissions, and you cannot reverse engineer the military-grade encryption algorithms used on the compromised files. A common ransomware attack vector is tainted email, whereby the target is tricked into responding to by means of a social engineering technique known as spear phishing. This makes the email message to appear to come from a familiar sender. Another common vulnerability is an improperly protected Remote Desktop Protocol port.
The ransomware variant CryptoLocker ushered in the modern era of ransomware in 2013, and the damage attributed to by the many strains of ransomware is said to be billions of dollars per year, roughly doubling every other year. Notorious examples include WannaCry, and Petya. Recent high-profile threats like Ryuk, Sodinokibi and Cerber are more elaborate and have wreaked more damage than older strains. Even if your backup/recovery processes allow your business to recover your encrypted data, you can still be hurt by so-called exfiltration, where ransomed documents are exposed to the public (known as "doxxing"). Because new variants of ransomware are launched daily, there is no certainty that conventional signature-matching anti-virus tools will detect a new malware. If threat does appear in an email, it is critical that your users have learned to be aware of social engineering techniques. Your ultimate defense is a solid process for performing and retaining offsite backups plus the deployment of reliable recovery platforms.
Ask Progent About the ProSight Crypto-Ransomware Susceptibility Audit in Aurora
For pricing details and to find out more about how Progent's ProSight Ransomware Susceptibility Testing can bolster your protection against ransomware in Aurora, phone Progent at 800-462-8800 or visit Contact Progent.