Ransomware has become the weapon of choice for cyber extortionists and malicious governments, representing a possibly lethal risk to businesses that are breached. Current variations of ransomware target everything, including backup, making even partial recovery a long and costly process. New variations of crypto-ransomware like Ryuk, Maze, Sodinokibi, Mailto (aka Netwalker), DopplePaymer, Snatch and Egregor have emerged, replacing Locky, TeslaCrypt, and NotPetya in notoriety, sophistication, and destructive impact.
90% of crypto-ransomware penetrations are caused by innocuous-seeming emails that include dangerous links or file attachments, and many are "zero-day" strains that elude the defenses of traditional signature-based antivirus (AV) tools. While user training and frontline detection are critical to defend against ransomware, leading practices demand that you assume some attacks will inevitably get through and that you prepare a strong backup solution that enables you to repair the damage quickly with minimal losses.
Progent's ProSight Ransomware Preparedness Assessment is an ultra-affordable service built around an online discussion with a Progent security consultant experienced in ransomware protection and recovery. During this interview Progent will collaborate with your Barueri-Alphaville IT management staff to collect critical information about your security setup and backup environment. Progent will utilize this information to generate a Basic Security and Best Practices Report documenting how to adhere to leading practices for configuring and managing your cybersecurity and backup systems to block or recover from a crypto-ransomware attack.
Progent's Basic Security and Best Practices Report focuses on vital issues associated with ransomware defense and restoration recovery. The review covers:
- Proper use of administration accounts
- Appropriate NTFS (New Technology File System) and SMB permissions
- Optimal firewall configuration
- Secure RDP connections
- Recommend AntiVirus filtering selection and deployment
The remote interview included with the ProSight Ransomware Vulnerability Checkup service takes about one hour for the average small business network and requires more time for bigger or more complicated environments. The report document contains recommendations for improving your ability to block or recover from a ransomware assault and Progent can provide on-demand consulting services to help you and your IT staff to create a cost-effective security/backup solution tailored to your specific needs.
- Split permission architecture for backup protection
- Backing up key servers including AD
- Geographically dispersed backups with cloud backup to Microsoft Azure
Ransomware is a variety of malware that encrypts or steals a victim's files so they are unusable or are made publicly available. Ransomware often locks the victim's computer. To prevent the carnage, the target is required to send a specified amount of money, typically via a crypto currency such as Bitcoin, within a brief time window. It is not guaranteed that paying the ransom will restore the damaged files or avoid its exposure to the public. Files can be encrypted or erased across a network depending on the target's write permissions, and you cannot reverse engineer the military-grade encryption technologies used on the compromised files. A common ransomware attack vector is tainted email, in which the user is lured into responding to by a social engineering exploit called spear phishing. This causes the email to look as though it came from a trusted sender. Another popular vulnerability is an improperly protected RDP port.
CryptoLocker ushered in the modern era of crypto-ransomware in 2013, and the damage attributed to by different strains of ransomware is said to be billions of dollars annually, roughly doubling every two years. Notorious examples are Locky, and NotPetya. Current headline variants like Ryuk, Maze and Spora are more complex and have wreaked more damage than earlier versions. Even if your backup procedures allow your business to recover your ransomed files, you can still be hurt by exfiltration, where stolen documents are made public (known as "doxxing"). Because new versions of ransomware are launched every day, there is no guarantee that conventional signature-based anti-virus tools will detect the latest malware. If threat does appear in an email, it is important that your users have learned to identify social engineering tricks. Your ultimate defense is a solid scheme for scheduling and keeping offsite backups and the deployment of dependable restoration tools.
Contact Progent About the ProSight Ransomware Vulnerability Audit in Barueri-Alphaville
For pricing details and to find out more about how Progent's ProSight Ransomware Preparedness Checkup can enhance your defense against ransomware in Barueri-Alphaville, call Progent at 800-462-8800 or see Contact Progent.