Ransomware has been weaponized by cyber extortionists and bad-actor governments, posing a possibly lethal risk to companies that are victimized. The latest strains of ransomware target everything, including backup, making even selective recovery a challenging and expensive process. New strains of crypto-ransomware such as Ryuk, Maze, Sodinokibi, Mailto (aka Netwalker), DopplePaymer, Conti and Egregor have emerged, replacing WannaCry, Cerber, and Petya in notoriety, sophistication, and destructive impact.
Most ransomware infections are caused by innocuous-looking emails with dangerous hyperlinks or attachments, and many are "zero-day" strains that elude detection by traditional signature-matching antivirus (AV) filters. While user training and up-front identification are important to protect against ransomware, best practices demand that you expect that some attacks will inevitably get through and that you put in place a solid backup mechanism that enables you to restore files and services quickly with minimal damage.
Progent's ProSight Ransomware Vulnerability Checkup is a low-cost service built around a remote interview with a Progent cybersecurity expert experienced in ransomware protection and recovery. In the course of this assessment Progent will cooperate with your Baltimore IT managers to collect pertinent information concerning your security setup and backup processes. Progent will utilize this information to produce a Basic Security and Best Practices Report detailing how to follow best practices for implementing and managing your security and backup solution to prevent or recover from a crypto-ransomware attack.
Progent's Basic Security and Best Practices Assessment highlights key issues related to crypto-ransomware prevention and restoration recovery. The review covers:
Security
About Ransomware
Ransomware is a form of malware that encrypts or deletes a victim's files so they are unusable or are made publicly available. Ransomware often locks the victim's computer. To prevent the carnage, the victim is required to send a specified amount of money (the ransom), typically in the form of a crypto currency like Bitcoin, within a short time window. There is no guarantee that delivering the extortion price will restore the lost files or prevent its exposure to the public. Files can be encrypted or erased across a network depending on the victim's write permissions, and you cannot break the military-grade encryption technologies used on the compromised files. A common ransomware delivery package is booby-trapped email, in which the victim is lured into interacting with by means of a social engineering technique called spear phishing. This causes the email to appear to come from a trusted sender. Another popular attack vector is an improperly secured Remote Desktop Protocol port.
The ransomware variant CryptoLocker ushered in the new age of crypto-ransomware in 2013, and the monetary losses attributed to by different strains of ransomware is said to be billions of dollars annually, roughly doubling every two years. Notorious examples are WannaCry, and NotPetya. Recent headline variants like Ryuk, DoppelPaymer and Spora are more elaborate and have wreaked more damage than earlier versions. Even if your backup/recovery procedures permit your business to restore your encrypted data, you can still be threatened by exfiltration, where ransomed documents are made public (known as "doxxing"). Because additional versions of ransomware are launched every day, there is no guarantee that conventional signature-based anti-virus tools will block the latest malware. If an attack does show up in an email, it is critical that your end users have been taught to identify phishing techniques. Your ultimate protection is a sound scheme for scheduling and retaining offsite backups and the deployment of reliable recovery platforms.
Contact Progent About the ProSight Crypto-Ransomware Preparedness Report in Baltimore
For pricing details and to find out more about how Progent's ProSight Crypto-Ransomware Susceptibility Consultation can bolster your defense against ransomware in Baltimore, phone Progent at