Ransomware has become the weapon of choice for cyber extortionists and bad-actor governments, posing a potentially lethal risk to companies that are victimized. Current strains of crypto-ransomware target everything, including backup, making even partial recovery a long and expensive process. New versions of ransomware such as Ryuk, Maze, Sodinokibi, Netwalker, DopplePaymer, LockBit and Nephilim have made the headlines, replacing Locky, Spora, and Petya in prominence, elaborateness, and destructiveness.
90% of ransomware infections come from innocuous-looking emails that include malicious hyperlinks or file attachments, and many are so-called "zero-day" attacks that can escape the defenses of traditional signature-based antivirus (AV) tools. While user training and up-front detection are critical to defend your network against ransomware attacks, leading practices demand that you take for granted some malware will inevitably get through and that you put in place a strong backup solution that allows you to recover rapidly with little if any damage.
Progent's ProSight Ransomware Vulnerability Report is an ultra-affordable service centered around an online discussion with a Progent cybersecurity expert experienced in ransomware defense and recovery. During this interview Progent will collaborate with your Bakersfield network managers to gather pertinent information about your cybersecurity setup and backup processes. Progent will utilize this data to generate a Basic Security and Best Practices Assessment detailing how to apply leading practices for configuring and managing your cybersecurity and backup systems to block or clean up after a crypto-ransomware attack.
Progent's Basic Security and Best Practices Report focuses on vital issues related to ransomware defense and restoration recovery. The review covers:
- Proper use of admin accounts
- Appropriate NTFS and SMB authorizations
- Optimal firewall setup
- Secure Remote Desktop Protocol (RDP) configuration
- Guidance for AntiVirus (AV) tools identification and configuration
The online interview process for the ProSight Ransomware Vulnerability Report service takes about one hour for the average small business network and longer for larger or more complex environments. The report document includes suggestions for enhancing your ability to block or clean up after a ransomware incident and Progent can provide on-demand consulting services to assist your business to create a cost-effective security/backup solution tailored to your specific needs.
- Split permission architecture for backup integrity
- Protecting required servers such as AD
- Offsite backups with cloud backup to Azure
Ransomware is a variety of malicious software that encrypts or deletes a victim's files so they are unusable or are made publicly available. Crypto-ransomware often locks the victim's computer. To avoid the carnage, the victim is asked to send a certain amount of money (the ransom), typically in the form of a crypto currency such as Bitcoin, within a short time window. It is never certain that paying the extortion price will restore the damaged data or avoid its publication. Files can be altered or erased throughout a network based on the target's write permissions, and you cannot reverse engineer the military-grade encryption algorithms used on the compromised files. A typical ransomware delivery package is booby-trapped email, whereby the victim is tricked into interacting with by a social engineering technique called spear phishing. This makes the email message to look as though it came from a trusted sender. Another common vulnerability is an improperly protected Remote Desktop Protocol (RDP) port.
The ransomware variant CryptoLocker ushered in the modern era of crypto-ransomware in 2013, and the damage attributed to by different strains of ransomware is estimated at billions of dollars annually, more than doubling every other year. Notorious attacks are Locky, and Petya. Recent high-profile variants like Ryuk, DoppelPaymer and Cerber are more sophisticated and have wreaked more damage than earlier versions. Even if your backup/recovery processes permit your business to restore your encrypted files, you can still be threatened by exfiltration, where ransomed data are exposed to the public. Because new versions of ransomware crop up every day, there is no guarantee that conventional signature-matching anti-virus filters will detect a new malware. If threat does appear in an email, it is critical that your users have been taught to be aware of social engineering tricks. Your last line of defense is a solid scheme for performing and keeping offsite backups plus the use of dependable recovery platforms.
Contact Progent About the ProSight Crypto-Ransomware Preparedness Evaluation in Bakersfield
For pricing information and to learn more about how Progent's ProSight Crypto-Ransomware Readiness Report can enhance your defense against crypto-ransomware in Bakersfield, phone Progent at 800-462-8800 or visit Contact Progent.