Ransomware has been widely adopted by cyber extortionists and malicious states, posing a potentially lethal threat to companies that are breached. Modern versions of crypto-ransomware target all vulnerable resources, including online backup, making even selective recovery a challenging and expensive exercise. Novel strains of ransomware like Ryuk, Maze, Sodinokibi, Mailto (aka Netwalker), DopplePaymer, Conti and Egregor have emerged, displacing Locky, TeslaCrypt, and NotPetya in prominence, elaborateness, and destructive impact.
Most crypto-ransomware breaches are the result of innocent-looking emails with dangerous links or file attachments, and many are so-called "zero-day" variants that elude the defenses of traditional signature-matching antivirus filters. While user education and up-front detection are critical to protect against ransomware attacks, leading practices dictate that you take for granted some attacks will inevitably succeed and that you prepare a solid backup solution that enables you to restore files and services rapidly with little if any losses.
Progent's ProSight Ransomware Vulnerability Report is an ultra-affordable service built around an online interview with a Progent security expert experienced in ransomware protection and repair. During this assessment Progent will collaborate directly with your Austin network management staff to collect pertinent data concerning your security setup and backup environment. Progent will use this information to produce a Basic Security and Best Practices Report documenting how to follow best practices for implementing and managing your security and backup systems to block or recover from a crypto-ransomware assault.
Progent's Basic Security and Best Practices Assessment focuses on vital issues associated with crypto-ransomware defense and restoration recovery. The report covers:
- Proper allocation and use of administration accounts
- Assigning NTFS and SMB (Server Message Block) permissions
- Optimal firewall setup
- Secure RDP connections
- Guidance for AntiVirus (AV) tools selection and deployment
The remote interview included with the ProSight Ransomware Vulnerability Checkup service takes about an hour for the average small business and requires more time for larger or more complex IT environments. The report document contains recommendations for improving your ability to block or recover from a ransomware incident and Progent can provide on-demand consulting services to assist you and your IT staff to design and deploy an efficient cybersecurity/data backup solution tailored to your specific requirements.
- Split permission model for backup integrity
- Backing up required servers such as Active Directory
- Geographically dispersed backups including cloud backup to Microsoft Azure
Ransomware is a type of malware that encrypts or steals a victim's files so they are unusable or are made publicly available. Crypto-ransomware often locks the target's computer. To avoid the carnage, the target is required to pay a certain ransom, typically in the form of a crypto currency like Bitcoin, within a brief period of time. There is no guarantee that delivering the extortion price will restore the damaged files or prevent its exposure to the public. Files can be altered or deleted throughout a network based on the victim's write permissions, and you cannot solve the military-grade encryption algorithms used on the compromised files. A common ransomware attack vector is booby-trapped email, whereby the victim is tricked into responding to by a social engineering technique known as spear phishing. This causes the email message to look as though it came from a trusted source. Another popular vulnerability is an improperly secured Remote Desktop Protocol port.
The ransomware variant CryptoLocker ushered in the new age of ransomware in 2013, and the damage attributed to by the many strains of ransomware is estimated at billions of dollars per year, roughly doubling every two years. Famous examples include Locky, and Petya. Current high-profile threats like Ryuk, DoppelPaymer and Cerber are more complex and have wreaked more damage than earlier strains. Even if your backup processes allow you to recover your ransomed data, you can still be hurt by exfiltration, where ransomed documents are exposed to the public. Because new variants of ransomware are launched daily, there is no guarantee that conventional signature-based anti-virus tools will detect a new attack. If an attack does show up in an email, it is critical that your users have been taught to be aware of social engineering tricks. Your ultimate protection is a sound process for performing and keeping offsite backups plus the deployment of dependable recovery platforms.
Contact Progent About the ProSight Ransomware Vulnerability Testing in Austin
For pricing details and to learn more about how Progent's ProSight Ransomware Vulnerability Assessment can enhance your protection against ransomware in Austin, call Progent at 800-993-9400 or visit Contact Progent.