Ransomware has been widely adopted by cyber extortionists and rogue states, posing a possibly existential risk to businesses that are victimized. Current versions of ransomware go after all vulnerable resources, including backup, making even partial recovery a long and expensive exercise. Novel strains of ransomware such as Ryuk, Maze, Sodinokibi, Mailto (aka Netwalker), DopplePaymer, LockBit and Nephilim have emerged, displacing Locky, TeslaCrypt, and NotPetya in prominence, elaborateness, and destructiveness.
90% of crypto-ransomware infections are caused by innocuous-seeming emails that include dangerous links or attachments, and many are "zero-day" variants that elude the defenses of legacy signature-based antivirus filters. Although user education and frontline identification are important to protect against ransomware attacks, best practices demand that you take for granted some attacks will eventually succeed and that you put in place a solid backup solution that permits you to restore files and services rapidly with minimal losses.
Progent's ProSight Ransomware Preparedness Checkup is a low-cost service built around a remote discussion with a Progent security expert skilled in ransomware protection and repair. In the course of this assessment Progent will work directly with your Bakersfield IT management staff to gather pertinent data concerning your cybersecurity setup and backup environment. Progent will use this information to generate a Basic Security and Best Practices Assessment detailing how to apply best practices for configuring and managing your security and backup systems to block or recover from a crypto-ransomware attack.
Progent's Basic Security and Best Practices Assessment highlights vital areas associated with crypto-ransomware prevention and restoration recovery. The review covers:
- Proper allocation and use of administration accounts
- Assigning NTFS and SMB authorizations
- Optimal firewall configuration
- Secure RDP access
- Advice about AntiVirus tools selection and configuration
The online interview process included with the ProSight Ransomware Preparedness Checkup service takes about one hour for the average small company and longer for bigger or more complex environments. The report document contains recommendations for enhancing your ability to block or clean up after a ransomware incident and Progent can provide as-needed expertise to assist your business to create an efficient cybersecurity/backup system tailored to your specific requirements.
- Split permission architecture for backup integrity
- Protecting required servers such as Active Directory
- Offsite backups including cloud backup to Microsoft Azure
Ransomware is a type of malicious software that encrypts or steals a victim's files so they cannot be used or are publicized. Ransomware often locks the victim's computer. To avoid the damage, the target is asked to pay a certain amount of money, usually via a crypto currency such as Bitcoin, within a brief period of time. It is not guaranteed that delivering the extortion price will recover the damaged files or avoid its publication. Files can be altered or erased throughout a network based on the target's write permissions, and you cannot reverse engineer the military-grade encryption technologies used on the hostage files. A common ransomware attack vector is booby-trapped email, in which the target is tricked into interacting with by a social engineering technique called spear phishing. This makes the email to look as though it came from a trusted sender. Another common attack vector is an improperly protected RDP port.
The ransomware variant CryptoLocker ushered in the modern era of ransomware in 2013, and the monetary losses attributed to by different versions of ransomware is said to be billions of dollars per year, more than doubling every two years. Notorious attacks are Locky, and Petya. Current headline threats like Ryuk, DoppelPaymer and Cerber are more complex and have caused more damage than earlier strains. Even if your backup processes permit your business to recover your encrypted data, you can still be threatened by so-called exfiltration, where ransomed documents are exposed to the public. Because additional versions of ransomware crop up every day, there is no guarantee that conventional signature-matching anti-virus filters will detect the latest malware. If an attack does show up in an email, it is important that your end users have been taught to identify social engineering techniques. Your last line of protection is a solid scheme for scheduling and retaining remote backups plus the deployment of dependable restoration tools.
Contact Progent About the ProSight Crypto-Ransomware Readiness Report in Bakersfield
For pricing information and to find out more about how Progent's ProSight Ransomware Vulnerability Checkup can enhance your defense against crypto-ransomware in Bakersfield, phone Progent at 800-462-8800 or visit Contact Progent.