Ransomware has been weaponized by the major cyber-crime organizations and bad-actor states, posing a potentially lethal threat to businesses that are breached. Current versions of ransomware target all vulnerable resources, including online backup, making even partial restoration a challenging and costly process. Novel versions of ransomware such as Ryuk, Maze, Sodinokibi, Netwalker, DopplePaymer, Lockbit and Nephilim have emerged, displacing Locky, Cerber, and CryptoWall in prominence, sophistication, and destructiveness.
90% of ransomware penetrations are the result of innocent-looking emails that include malicious hyperlinks or file attachments, and many are so-called "zero-day" strains that elude detection by legacy signature-matching antivirus tools. While user training and up-front identification are critical to protect against ransomware attacks, best practices demand that you take for granted some attacks will eventually succeed and that you implement a solid backup solution that enables you to repair the damage quickly with little if any losses.
Progent's ProSight Ransomware Vulnerability Checkup is an ultra-affordable service centered around a remote discussion with a Progent cybersecurity expert experienced in ransomware defense and repair. During this assessment Progent will cooperate directly with your Bakersfield IT management staff to gather pertinent information concerning your security configuration and backup environment. Progent will utilize this information to create a Basic Security and Best Practices Report documenting how to apply leading practices for configuring and administering your security and backup solution to prevent or clean up after a ransomware assault.
Progent's Basic Security and Best Practices Assessment focuses on vital areas related to ransomware defense and restoration recovery. The report addresses:
- Correct allocation and use of admin accounts
- Assigning NTFS and SMB (Server Message Block) authorizations
- Optimal firewall setup
- Secure Remote Desktop Protocol connections
- Advice about AntiVirus (AV) filtering identification and configuration
The remote interview for the ProSight Ransomware Preparedness Assessment service takes about an hour for the average small business and longer for larger or more complex IT environments. The report document features recommendations for enhancing your ability to block or recover from a ransomware incident and Progent offers as-needed consulting services to assist you to create an efficient security/data backup system tailored to your business needs.
- Split permission model for backup protection
- Backing up key servers such as AD
- Geographically dispersed backups with cloud backup to Azure
Ransomware is a form of malware that encrypts or deletes files so they are unusable or are made publicly available. Ransomware sometimes locks the target's computer. To avoid the carnage, the target is asked to send a certain amount of money (the ransom), usually via a crypto currency like Bitcoin, within a short time window. There is no guarantee that delivering the extortion price will restore the lost data or prevent its exposure to the public. Files can be encrypted or deleted across a network based on the target's write permissions, and you cannot break the strong encryption algorithms used on the compromised files. A typical ransomware attack vector is tainted email, in which the victim is tricked into interacting with by means of a social engineering technique known as spear phishing. This causes the email to appear to come from a familiar source. Another popular attack vector is an improperly protected RDP port.
The ransomware variant CryptoLocker opened the modern era of ransomware in 2013, and the monetary losses caused by different strains of ransomware is said to be billions of dollars per year, roughly doubling every two years. Famous examples are WannaCry, and NotPetya. Recent headline threats like Ryuk, Maze and CryptoWall are more elaborate and have caused more damage than earlier versions. Even if your backup/recovery procedures enable your business to recover your encrypted data, you can still be threatened by so-called exfiltration, where ransomed documents are made public (known as "doxxing"). Because additional variants of ransomware are launched daily, there is no certainty that traditional signature-based anti-virus filters will block a new attack. If threat does appear in an email, it is critical that your users have been taught to identify phishing tricks. Your last line of protection is a sound process for scheduling and keeping offsite backups and the deployment of dependable recovery platforms.
Ask Progent About the ProSight Ransomware Preparedness Audit in Bakersfield
For pricing details and to learn more about how Progent's ProSight Crypto-Ransomware Preparedness Consultation can enhance your protection against ransomware in Bakersfield, phone Progent at 800-462-8800 or visit Contact Progent.