Ransomware has become the weapon of choice for cybercriminals and rogue states, representing a potentially lethal risk to businesses that are victimized. Current strains of ransomware target all vulnerable resources, including backup, making even partial recovery a challenging and expensive process. Novel versions of crypto-ransomware such as Ryuk, Maze, Sodinokibi, Netwalker, DopplePaymer, Snatch and Nephilim have emerged, displacing WannaCry, Spora, and CryptoWall in prominence, elaborateness, and destructive impact.
90% of crypto-ransomware breaches are the result of innocent-seeming emails with malicious hyperlinks or attachments, and many are "zero-day" attacks that can escape the defenses of traditional signature-matching antivirus filters. While user training and frontline detection are important to defend your network against ransomware attacks, leading practices dictate that you expect that some malware will eventually get through and that you implement a solid backup solution that permits you to repair the damage rapidly with minimal losses.
Progent's ProSight Ransomware Preparedness Report is a low-cost service built around an online interview with a Progent security expert skilled in ransomware protection and repair. In the course of this interview Progent will cooperate directly with your Bakersfield IT managers to collect pertinent data about your security posture and backup processes. Progent will utilize this data to produce a Basic Security and Best Practices Assessment documenting how to follow best practices for implementing and administering your security and backup solution to block or clean up after a crypto-ransomware attack.
Progent's Basic Security and Best Practices Assessment highlights vital issues associated with ransomware prevention and restoration recovery. The report covers:
- Correct allocation and use of admin accounts
- Appropriate NTFS (New Technology File System) and SMB authorizations
- Optimal firewall setup
- Safe Remote Desktop Protocol (RDP) connections
- Guidance for AntiVirus (AV) filtering identification and configuration
The online interview included with the ProSight Ransomware Preparedness Checkup service takes about one hour for a typical small company and requires more time for bigger or more complex IT environments. The report document includes suggestions for enhancing your ability to ward off or recover from a ransomware assault and Progent offers as-needed consulting services to help you to design and deploy an efficient security/backup system tailored to your business requirements.
- Split permission model for backup protection
- Protecting required servers such as AD
- Offsite backups with cloud backup to Azure
Ransomware is a variety of malware that encrypts or steals a victim's files so they cannot be used or are made publicly available. Crypto-ransomware sometimes locks the target's computer. To prevent the damage, the target is asked to send a certain amount of money (the ransom), typically in the form of a crypto currency such as Bitcoin, within a short period of time. There is no guarantee that delivering the ransom will restore the damaged data or avoid its exposure to the public. Files can be encrypted or erased across a network depending on the target's write permissions, and you cannot break the strong encryption technologies used on the compromised files. A common ransomware attack vector is spoofed email, in which the target is lured into interacting with by a social engineering technique called spear phishing. This causes the email message to appear to come from a familiar sender. Another popular attack vector is an improperly secured Remote Desktop Protocol port.
CryptoLocker ushered in the new age of ransomware in 2013, and the monetary losses caused by the many versions of ransomware is estimated at billions of dollars per year, more than doubling every two years. Notorious attacks are WannaCry, and Petya. Recent high-profile variants like Ryuk, DoppelPaymer and Cerber are more sophisticated and have caused more havoc than earlier strains. Even if your backup procedures permit you to restore your encrypted data, you can still be threatened by so-called exfiltration, where stolen data are made public (known as "doxxing"). Because additional versions of ransomware crop up every day, there is no certainty that conventional signature-based anti-virus filters will detect the latest malware. If threat does appear in an email, it is critical that your users have learned to be aware of social engineering techniques. Your ultimate defense is a sound process for scheduling and retaining remote backups and the use of reliable recovery tools.
Ask Progent About the ProSight Crypto-Ransomware Preparedness Audit in Bakersfield
For pricing details and to find out more about how Progent's ProSight Ransomware Readiness Report can enhance your protection against ransomware in Bakersfield, phone Progent at 800-462-8800 or visit Contact Progent.