Ransomware has become the weapon of choice for the major cyber-crime organizations and malicious governments, representing a possibly existential risk to companies that are breached. The latest variations of crypto-ransomware target all vulnerable resources, including online backup, making even selective restoration a long and costly exercise. New versions of ransomware like Ryuk, Maze, Sodinokibi, Mailto (aka Netwalker), Phobos, Snatch and Egregor have emerged, displacing WannaCry, Spora, and CryptoWall in prominence, sophistication, and destructiveness.
Most crypto-ransomware breaches are caused by innocent-seeming emails that have dangerous links or file attachments, and many are "zero-day" strains that elude the defenses of legacy signature-matching antivirus (AV) filters. Although user education and frontline detection are critical to protect your network against ransomware attacks, best practices dictate that you take for granted some malware will eventually succeed and that you deploy a strong backup mechanism that permits you to recover rapidly with little if any damage.
Progent's ProSight Ransomware Preparedness Report is an ultra-affordable service built around a remote interview with a Progent security consultant skilled in ransomware defense and repair. In the course of this assessment Progent will work directly with your Barueri-Alphaville network management staff to gather pertinent information concerning your security posture and backup environment. Progent will use this information to generate a Basic Security and Best Practices Assessment detailing how to follow best practices for implementing and administering your cybersecurity and backup systems to block or recover from a crypto-ransomware assault.
Progent's Basic Security and Best Practices Report focuses on key issues associated with crypto-ransomware prevention and restoration recovery. The review covers:
- Correct use of admin accounts
- Appropriate NTFS (New Technology File System) and SMB permissions
- Optimal firewall setup
- Safe Remote Desktop Protocol configuration
- Advice about AntiVirus filtering selection and configuration
The remote interview for the ProSight Ransomware Vulnerability Report service takes about an hour for the average small business network and longer for larger or more complicated IT environments. The written report features recommendations for enhancing your ability to block or clean up after a ransomware assault and Progent offers on-demand consulting services to assist you to create an efficient security/data backup solution tailored to your specific requirements.
- Split permission architecture for backup protection
- Protecting required servers including Active Directory
- Offsite backups with cloud backup to Azure
Ransomware is a form of malicious software that encrypts or steals files so they cannot be used or are publicized. Crypto-ransomware often locks the target's computer. To avoid the carnage, the target is asked to send a certain amount of money (the ransom), typically in the form of a crypto currency like Bitcoin, within a brief time window. It is not guaranteed that delivering the extortion price will recover the lost files or prevent its publication. Files can be encrypted or deleted throughout a network based on the victim's write permissions, and you cannot break the military-grade encryption technologies used on the compromised files. A typical ransomware attack vector is booby-trapped email, in which the target is lured into responding to by a social engineering exploit called spear phishing. This makes the email to look as though it came from a familiar source. Another popular vulnerability is an improperly secured Remote Desktop Protocol port.
CryptoLocker opened the modern era of crypto-ransomware in 2013, and the damage caused by different strains of ransomware is estimated at billions of dollars per year, more than doubling every other year. Famous attacks are Locky, and NotPetya. Recent headline variants like Ryuk, Sodinokibi and Cerber are more complex and have caused more damage than earlier versions. Even if your backup procedures permit your business to recover your ransomed data, you can still be hurt by exfiltration, where stolen documents are made public. Because new versions of ransomware are launched daily, there is no guarantee that conventional signature-based anti-virus tools will block a new malware. If an attack does show up in an email, it is critical that your users have learned to identify phishing techniques. Your last line of protection is a solid process for performing and keeping offsite backups plus the deployment of reliable recovery tools.
Contact Progent About the ProSight Ransomware Preparedness Report in Barueri-Alphaville
For pricing details and to learn more about how Progent's ProSight Crypto-Ransomware Vulnerability Assessment can bolster your defense against crypto-ransomware in Barueri-Alphaville, phone Progent at 800-462-8800 or visit Contact Progent.