Ransomware has been widely adopted by the major cyber-crime organizations and bad-actor states, posing a potentially existential threat to companies that are successfully attacked. The latest variations of crypto-ransomware go after everything, including backup, making even partial recovery a long and expensive exercise. New variations of crypto-ransomware like Ryuk, Maze, Sodinokibi, Netwalker, Phobos, LockBit and Nephilim have emerged, replacing Locky, Spora, and NotPetya in notoriety, sophistication, and destructive impact.
90% of crypto-ransomware infections are the result of innocent-looking emails with malicious hyperlinks or attachments, and a high percentage are "zero-day" variants that elude detection by legacy signature-based antivirus (AV) filters. While user education and up-front identification are critical to defend against ransomware, leading practices demand that you expect that some malware will inevitably succeed and that you put in place a solid backup mechanism that enables you to recover rapidly with minimal losses.
Progent's ProSight Ransomware Preparedness Assessment is an ultra-affordable service centered around an online discussion with a Progent security consultant skilled in ransomware protection and repair. In the course of this interview Progent will collaborate directly with your Baltimore network management staff to collect pertinent information concerning your cybersecurity setup and backup environment. Progent will utilize this data to produce a Basic Security and Best Practices Report documenting how to adhere to best practices for configuring and managing your cybersecurity and backup solution to prevent or clean up after a crypto-ransomware attack.
Progent's Basic Security and Best Practices Report focuses on key issues related to ransomware defense and restoration recovery. The review covers:
- Effective allocation and use of administration accounts
- Assigning NTFS (New Technology File System) and SMB (Server Message Block) authorizations
- Optimal firewall settings
- Secure Remote Desktop Protocol access
- Guidance for AntiVirus filtering identification and configuration
The online interview process for the ProSight Ransomware Vulnerability Assessment service takes about one hour for a typical small business network and longer for bigger or more complicated environments. The written report features recommendations for enhancing your ability to block or recover from a ransomware assault and Progent can provide on-demand consulting services to assist you to create an efficient cybersecurity/backup system tailored to your specific needs.
- Split permission model for backup protection
- Protecting required servers including Active Directory
- Offsite backups including cloud backup to Azure
Ransomware is a variety of malicious software that encrypts or steals files so they are unusable or are made publicly available. Ransomware sometimes locks the target's computer. To avoid the carnage, the victim is required to send a certain ransom, usually in the form of a crypto currency like Bitcoin, within a short time window. There is no guarantee that delivering the extortion price will recover the lost data or prevent its exposure to the public. Files can be encrypted or deleted throughout a network based on the target's write permissions, and you cannot break the strong encryption technologies used on the hostage files. A typical ransomware attack vector is tainted email, whereby the user is tricked into responding to by means of a social engineering technique known as spear phishing. This causes the email to look as though it came from a trusted source. Another popular vulnerability is an improperly secured Remote Desktop Protocol (RDP) port.
CryptoLocker ushered in the new age of ransomware in 2013, and the monetary losses caused by different strains of ransomware is said to be billions of dollars annually, roughly doubling every other year. Famous examples include Locky, and NotPetya. Current high-profile threats like Ryuk, Sodinokibi and Spora are more elaborate and have caused more havoc than earlier versions. Even if your backup procedures enable you to recover your encrypted data, you can still be hurt by so-called exfiltration, where stolen data are exposed to the public (known as "doxxing"). Because new variants of ransomware crop up daily, there is no guarantee that conventional signature-based anti-virus filters will block a new malware. If an attack does appear in an email, it is important that your users have been taught to identify phishing tricks. Your last line of protection is a sound process for performing and keeping offsite backups plus the deployment of dependable recovery platforms.
Contact Progent About the ProSight Crypto-Ransomware Susceptibility Report in Baltimore
For pricing information and to learn more about how Progent's ProSight Crypto-Ransomware Vulnerability Report can bolster your defense against crypto-ransomware in Baltimore, call Progent at 800-462-8800 or visit Contact Progent.