Ransomware has become the weapon of choice for cybercriminals and bad-actor states, posing a possibly existential threat to businesses that are victimized. Modern versions of ransomware target all vulnerable resources, including backup, making even selective recovery a complex and costly process. New variations of crypto-ransomware such as Ryuk, Maze, Sodinokibi, Netwalker, DopplePaymer, LockBit and Nephilim have emerged, displacing Locky, TeslaCrypt, and CryptoWall in notoriety, sophistication, and destructive impact.
Most ransomware infections are caused by innocuous-looking emails that have malicious hyperlinks or attachments, and a high percentage are "zero-day" attacks that elude detection by legacy signature-matching antivirus (AV) tools. While user training and frontline detection are important to defend against ransomware, leading practices dictate that you assume some malware will eventually get through and that you prepare a solid backup solution that permits you to recover rapidly with little if any losses.
Progent's ProSight Ransomware Vulnerability Checkup is an ultra-affordable service centered around a remote interview with a Progent cybersecurity expert skilled in ransomware defense and recovery. During this interview Progent will cooperate directly with your Austin IT management staff to collect critical data concerning your security setup and backup environment. Progent will utilize this information to generate a Basic Security and Best Practices Assessment detailing how to follow leading practices for configuring and administering your security and backup solution to prevent or clean up after a crypto-ransomware assault.
Progent's Basic Security and Best Practices Report focuses on vital areas associated with ransomware prevention and restoration recovery. The review covers:
- Proper allocation and use of administration accounts
- Assigning NTFS (New Technology File System) and SMB (Server Message Block) permissions
- Optimal firewall setup
- Secure RDP access
- Guidance for AntiVirus tools selection and configuration
The online interview for the ProSight Ransomware Preparedness Report service takes about an hour for the average small business network and requires more time for larger or more complex environments. The report document contains recommendations for enhancing your ability to ward off or recover from a ransomware attack and Progent offers on-demand expertise to help you to design and deploy an efficient security/data backup solution customized for your specific requirements.
- Split permission architecture for backup protection
- Backing up required servers including Active Directory
- Geographically dispersed backups with cloud backup to Microsoft Azure
Ransomware is a variety of malware that encrypts or steals a victim's files so they cannot be used or are made publicly available. Crypto-ransomware sometimes locks the target's computer. To avoid the carnage, the target is asked to send a certain ransom, usually in the form of a crypto currency such as Bitcoin, within a brief period of time. It is not guaranteed that paying the extortion price will recover the damaged files or avoid its exposure to the public. Files can be altered or erased across a network based on the target's write permissions, and you cannot reverse engineer the military-grade encryption technologies used on the compromised files. A typical ransomware delivery package is tainted email, in which the target is lured into interacting with by a social engineering technique called spear phishing. This makes the email message to appear to come from a familiar sender. Another common vulnerability is an improperly secured Remote Desktop Protocol port.
The ransomware variant CryptoLocker opened the modern era of ransomware in 2013, and the monetary losses caused by the many versions of ransomware is estimated at billions of dollars per year, roughly doubling every other year. Notorious examples include Locky, and Petya. Current headline threats like Ryuk, DoppelPaymer and CryptoWall are more elaborate and have caused more havoc than older versions. Even if your backup/recovery procedures permit your business to restore your encrypted data, you can still be hurt by exfiltration, where ransomed documents are made public. Because new versions of ransomware crop up every day, there is no certainty that traditional signature-matching anti-virus tools will block the latest malware. If an attack does show up in an email, it is critical that your users have been taught to be aware of social engineering tricks. Your ultimate defense is a sound scheme for performing and keeping offsite backups plus the deployment of reliable recovery tools.
Contact Progent About the ProSight Crypto-Ransomware Preparedness Checkup in Austin
For pricing information and to learn more about how Progent's ProSight Crypto-Ransomware Vulnerability Checkup can bolster your protection against crypto-ransomware in Austin, call Progent at 800-462-8800 or see Contact Progent.