Ransomware has been widely adopted by cyber extortionists and bad-actor states, representing a potentially existential threat to businesses that are victimized. Modern versions of ransomware go after everything, including online backup, making even partial restoration a challenging and costly exercise. Novel variations of crypto-ransomware such as Ryuk, Maze, Sodinokibi, Netwalker, DopplePaymer, Snatch and Nephilim have made the headlines, displacing Locky, Spora, and CryptoWall in prominence, elaborateness, and destructive impact.
Most ransomware infections come from innocent-looking emails with dangerous links or attachments, and a high percentage are so-called "zero-day" attacks that elude the defenses of legacy signature-based antivirus filters. While user education and up-front identification are critical to protect your network against ransomware attacks, best practices demand that you take for granted some attacks will inevitably get through and that you deploy a solid backup solution that allows you to recover rapidly with minimal damage.
Progent's ProSight Ransomware Vulnerability Report is an ultra-affordable service centered around an online interview with a Progent cybersecurity expert skilled in ransomware protection and repair. During this interview Progent will cooperate with your Aurora network management staff to collect pertinent data about your cybersecurity configuration and backup processes. Progent will use this data to produce a Basic Security and Best Practices Assessment detailing how to follow best practices for configuring and administering your cybersecurity and backup systems to prevent or clean up after a crypto-ransomware attack.
Progent's Basic Security and Best Practices Report highlights key areas associated with crypto-ransomware defense and restoration recovery. The review addresses:
- Effective allocation and use of admin accounts
- Assigning NTFS (New Technology File System) and SMB (Server Message Block) authorizations
- Optimal firewall configuration
- Safe Remote Desktop Protocol configuration
- Advice about AntiVirus tools identification and configuration
The online interview process included with the ProSight Ransomware Preparedness Report service lasts about one hour for the average small business network and requires more time for bigger or more complicated IT environments. The written report features recommendations for improving your ability to block or clean up after a ransomware attack and Progent offers as-needed consulting services to help you to create a cost-effective security/backup system tailored to your specific requirements.
- Split permission model for backup protection
- Backing up key servers including AD
- Geographically dispersed backups including cloud backup to Azure
Ransomware is a form of malicious software that encrypts or steals a victim's files so they are unusable or are made publicly available. Ransomware often locks the victim's computer. To avoid the damage, the target is required to pay a specified amount of money, typically in the form of a crypto currency like Bitcoin, within a short period of time. It is not guaranteed that delivering the extortion price will recover the lost files or prevent its publication. Files can be encrypted or deleted across a network based on the target's write permissions, and you cannot reverse engineer the strong encryption technologies used on the hostage files. A common ransomware delivery package is spoofed email, in which the victim is lured into interacting with by means of a social engineering technique called spear phishing. This causes the email message to appear to come from a familiar sender. Another common vulnerability is an improperly secured RDP port.
CryptoLocker ushered in the new age of crypto-ransomware in 2013, and the damage caused by the many strains of ransomware is estimated at billions of dollars per year, roughly doubling every other year. Famous examples include WannaCry, and Petya. Recent headline threats like Ryuk, Maze and Cerber are more elaborate and have caused more damage than older strains. Even if your backup processes permit your business to restore your ransomed data, you can still be threatened by so-called exfiltration, where stolen documents are exposed to the public (known as "doxxing"). Because additional variants of ransomware crop up every day, there is no certainty that traditional signature-matching anti-virus filters will block the latest malware. If an attack does appear in an email, it is important that your end users have learned to be aware of phishing techniques. Your ultimate protection is a solid scheme for scheduling and keeping remote backups and the use of dependable recovery tools.
Ask Progent About the ProSight Crypto-Ransomware Preparedness Assessment in Aurora
For pricing information and to find out more about how Progent's ProSight Crypto-Ransomware Readiness Review can bolster your protection against ransomware in Aurora, phone Progent at 800-462-8800 or visit Contact Progent.