Ransomware has become the weapon of choice for the major cyber-crime organizations and rogue governments, representing a potentially existential risk to businesses that fall victim. The latest versions of ransomware go after all vulnerable resources, including backup, making even selective recovery a long and expensive process. New versions of ransomware like Ryuk, Maze, Sodinokibi, Mailto (aka Netwalker), DopplePaymer, Snatch and Nephilim have made the headlines, replacing WannaCry, Spora, and Petya in notoriety, sophistication, and destructive impact.
Most ransomware infections come from innocent-looking emails with dangerous links or attachments, and many are "zero-day" strains that elude detection by traditional signature-matching antivirus (AV) tools. Although user education and up-front detection are important to protect your network against ransomware attacks, best practices dictate that you expect that some malware will eventually succeed and that you put in place a solid backup mechanism that enables you to repair the damage rapidly with minimal losses.
Progent's ProSight Ransomware Vulnerability Checkup is a low-cost service centered around a remote interview with a Progent security expert skilled in ransomware defense and recovery. During this interview Progent will collaborate with your Baltimore IT managers to collect pertinent data concerning your security posture and backup processes. Progent will utilize this data to create a Basic Security and Best Practices Report documenting how to apply best practices for implementing and administering your cybersecurity and backup solution to prevent or recover from a ransomware assault.
Progent's Basic Security and Best Practices Assessment highlights vital areas related to ransomware defense and restoration recovery. The review covers:
Ransomware is a variety of malicious software that encrypts or steals files so they cannot be used or are publicized. Ransomware sometimes locks the victim's computer. To avoid the carnage, the target is asked to pay a certain ransom, usually in the form of a crypto currency like Bitcoin, within a brief period of time. There is no guarantee that delivering the ransom will restore the lost files or prevent its exposure to the public. Files can be altered or deleted across a network depending on the victim's write permissions, and you cannot reverse engineer the military-grade encryption technologies used on the hostage files. A typical ransomware attack vector is tainted email, whereby the user is lured into interacting with by a social engineering technique called spear phishing. This makes the email to appear to come from a familiar sender. Another popular attack vector is an improperly secured Remote Desktop Protocol port.
CryptoLocker opened the new age of crypto-ransomware in 2013, and the monetary losses attributed to by different strains of ransomware is estimated at billions of dollars annually, more than doubling every other year. Famous examples are WannaCry, and NotPetya. Recent high-profile threats like Ryuk, DoppelPaymer and Spora are more complex and have caused more damage than older strains. Even if your backup processes enable you to restore your ransomed files, you can still be threatened by exfiltration, where stolen documents are made public. Because new versions of ransomware are launched every day, there is no certainty that traditional signature-matching anti-virus tools will detect a new malware. If threat does appear in an email, it is critical that your end users have learned to be aware of phishing techniques. Your last line of defense is a solid process for performing and retaining remote backups and the deployment of dependable recovery platforms.
Ask Progent About the ProSight Ransomware Preparedness Consultation in Baltimore
For pricing information and to find out more about how Progent's ProSight Crypto-Ransomware Readiness Consultation can enhance your protection against ransomware in Baltimore, call Progent at