Ransomware has become the weapon of choice for the major cyber-crime organizations and rogue governments, representing a potentially lethal threat to companies that are successfully attacked. Modern variations of crypto-ransomware go after all vulnerable resources, including backup, making even partial recovery a challenging and expensive process. New variations of crypto-ransomware like Ryuk, Maze, Sodinokibi, Netwalker, DopplePaymer, Conti and Egregor have made the headlines, displacing Locky, TeslaCrypt, and CryptoWall in prominence, elaborateness, and destructive impact.
Most crypto-ransomware penetrations are the result of innocuous-seeming emails with malicious hyperlinks or file attachments, and a high percentage are "zero-day" attacks that can escape detection by legacy signature-based antivirus (AV) tools. While user education and frontline identification are important to protect your network against ransomware, leading practices dictate that you expect that some attacks will inevitably succeed and that you implement a strong backup mechanism that allows you to recover rapidly with little if any losses.
Progent's ProSight Ransomware Preparedness Checkup is a low-cost service centered around an online discussion with a Progent cybersecurity expert skilled in ransomware protection and repair. During this assessment Progent will collaborate with your Bakersfield IT management staff to collect pertinent information about your security posture and backup environment. Progent will use this information to generate a Basic Security and Best Practices Report detailing how to adhere to best practices for configuring and managing your security and backup systems to block or recover from a ransomware attack.
Progent's Basic Security and Best Practices Report highlights vital areas associated with ransomware defense and restoration recovery. The report addresses:
- Effective use of administration accounts
- Appropriate NTFS and SMB (Server Message Block) authorizations
- Proper firewall configuration
- Secure Remote Desktop Protocol (RDP) connections
- Guidance for AntiVirus filtering identification and deployment
The remote interview for the ProSight Ransomware Vulnerability Report service takes about an hour for a typical small business network and requires more time for bigger or more complex environments. The report document contains suggestions for enhancing your ability to block or clean up after a ransomware incident and Progent offers as-needed expertise to help you and your IT staff to create a cost-effective cybersecurity/data backup solution customized for your specific requirements.
- Split permission model for backup integrity
- Backing up key servers such as AD
- Offsite backups including cloud backup to Microsoft Azure
Ransomware is a variety of malware that encrypts or deletes files so they are unusable or are made publicly available. Ransomware sometimes locks the target's computer. To avoid the damage, the victim is asked to send a specified ransom, typically in the form of a crypto currency such as Bitcoin, within a short time window. There is no guarantee that delivering the ransom will restore the lost data or prevent its exposure to the public. Files can be encrypted or deleted throughout a network based on the victim's write permissions, and you cannot solve the military-grade encryption technologies used on the hostage files. A common ransomware attack vector is booby-trapped email, in which the victim is lured into interacting with by a social engineering technique called spear phishing. This causes the email message to appear to come from a familiar source. Another common attack vector is a poorly secured Remote Desktop Protocol port.
The ransomware variant CryptoLocker opened the new age of ransomware in 2013, and the monetary losses attributed to by the many strains of ransomware is said to be billions of dollars per year, more than doubling every two years. Notorious examples include Locky, and Petya. Recent headline threats like Ryuk, Sodinokibi and TeslaCrypt are more elaborate and have caused more damage than earlier strains. Even if your backup/recovery procedures permit you to recover your ransomed files, you can still be hurt by so-called exfiltration, where ransomed data are exposed to the public (known as "doxxing"). Because new variants of ransomware are launched every day, there is no certainty that traditional signature-matching anti-virus filters will block the latest attack. If threat does appear in an email, it is critical that your end users have learned to identify phishing techniques. Your ultimate defense is a solid scheme for scheduling and keeping offsite backups and the use of reliable restoration platforms.
Ask Progent About the ProSight Ransomware Vulnerability Assessment in Bakersfield
For pricing information and to learn more about how Progent's ProSight Crypto-Ransomware Preparedness Assessment can bolster your defense against ransomware in Bakersfield, call Progent at 800-462-8800 or visit Contact Progent.