Ransomware has been weaponized by the major cyber-crime organizations and rogue states, posing a possibly lethal risk to businesses that are breached. Current variations of ransomware target everything, including backup, making even selective restoration a complex and costly exercise. Novel versions of crypto-ransomware such as Ryuk, Maze, Sodinokibi, Mailto (aka Netwalker), DopplePaymer, Snatch and Egregor have made the headlines, displacing Locky, Spora, and NotPetya in prominence, elaborateness, and destructive impact.
90% of crypto-ransomware breaches come from innocuous-looking emails that include dangerous links or attachments, and many are so-called "zero-day" attacks that can escape the defenses of legacy signature-based antivirus filters. While user education and frontline identification are critical to defend your network against ransomware, leading practices dictate that you take for granted some malware will inevitably get through and that you implement a solid backup mechanism that permits you to recover rapidly with little if any losses.
Progent's ProSight Ransomware Preparedness Assessment is a low-cost service centered around a remote interview with a Progent security expert skilled in ransomware protection and recovery. During this interview Progent will work with your Aurora IT management staff to collect critical data about your cybersecurity profile and backup environment. Progent will utilize this data to produce a Basic Security and Best Practices Report documenting how to apply best practices for configuring and administering your security and backup systems to block or recover from a ransomware assault.
Progent's Basic Security and Best Practices Assessment highlights key areas related to ransomware prevention and restoration recovery. The report addresses:
Security
About Ransomware
Ransomware is a form of malware that encrypts or steals files so they cannot be used or are made publicly available. Ransomware often locks the target's computer. To prevent the damage, the victim is asked to pay a certain amount of money (the ransom), usually in the form of a crypto currency like Bitcoin, within a short period of time. There is no guarantee that paying the extortion price will recover the lost data or prevent its publication. Files can be encrypted or deleted across a network depending on the victim's write permissions, and you cannot solve the strong encryption technologies used on the compromised files. A common ransomware delivery package is spoofed email, in which the user is tricked into interacting with by means of a social engineering exploit called spear phishing. This causes the email to look as though it came from a familiar sender. Another common vulnerability is a poorly protected RDP port.
The ransomware variant CryptoLocker ushered in the modern era of crypto-ransomware in 2013, and the damage attributed to by the many versions of ransomware is estimated at billions of dollars annually, more than doubling every other year. Notorious examples are Locky, and Petya. Current high-profile threats like Ryuk, DoppelPaymer and CryptoWall are more elaborate and have caused more havoc than earlier strains. Even if your backup procedures enable your business to recover your ransomed files, you can still be hurt by so-called exfiltration, where ransomed data are made public. Because additional variants of ransomware are launched daily, there is no certainty that conventional signature-matching anti-virus filters will detect the latest malware. If an attack does appear in an email, it is critical that your users have learned to identify phishing techniques. Your last line of defense is a sound process for scheduling and keeping remote backups and the deployment of reliable restoration tools.
Ask Progent About the ProSight Crypto-Ransomware Vulnerability Report in Aurora
For pricing information and to find out more about how Progent's ProSight Ransomware Vulnerability Evaluation can bolster your defense against ransomware in Aurora, call Progent at