Ransomware has been widely adopted by cyber extortionists and rogue states, posing a potentially lethal threat to businesses that are victimized. Current variations of crypto-ransomware target everything, including online backup, making even selective restoration a challenging and costly process. New variations of crypto-ransomware such as Ryuk, Maze, Sodinokibi, Netwalker, DopplePaymer, Conti and Egregor have made the headlines, displacing WannaCry, TeslaCrypt, and CryptoWall in notoriety, elaborateness, and destructiveness.
Most ransomware penetrations are caused by innocuous-seeming emails that have malicious links or attachments, and a high percentage are "zero-day" strains that elude detection by legacy signature-based antivirus (AV) filters. Although user training and frontline identification are critical to protect against ransomware attacks, best practices demand that you expect that some malware will inevitably succeed and that you deploy a strong backup mechanism that enables you to repair the damage rapidly with minimal losses.
Progent's ProSight Ransomware Vulnerability Assessment is an ultra-affordable service centered around a remote interview with a Progent cybersecurity expert skilled in ransomware protection and repair. In the course of this assessment Progent will collaborate directly with your Bellevue network managers to gather critical data concerning your security configuration and backup processes. Progent will use this data to produce a Basic Security and Best Practices Assessment detailing how to follow best practices for configuring and administering your security and backup solution to prevent or recover from a crypto-ransomware attack.
Progent's Basic Security and Best Practices Report highlights vital issues associated with ransomware defense and restoration recovery. The review covers:
- Effective allocation and use of administration accounts
- Appropriate NTFS (New Technology File System) and SMB authorizations
- Proper firewall setup
- Secure Remote Desktop Protocol connections
- Advice about AntiVirus (AV) filtering identification and configuration
The remote interview included with the ProSight Ransomware Preparedness Report service takes about one hour for the average small business and longer for larger or more complex environments. The report document contains recommendations for improving your ability to block or recover from a ransomware assault and Progent offers as-needed consulting services to help your business to design and deploy an efficient security/backup solution tailored to your specific needs.
- Split permission model for backup protection
- Backing up critical servers including Active Directory
- Geographically dispersed backups including cloud backup to Azure
Ransomware is a variety of malware that encrypts or steals files so they are unusable or are publicized. Ransomware sometimes locks the target's computer. To avoid the damage, the victim is asked to send a certain amount of money (the ransom), typically via a crypto currency like Bitcoin, within a short period of time. It is never certain that delivering the ransom will restore the damaged data or avoid its publication. Files can be altered or erased throughout a network depending on the victim's write permissions, and you cannot solve the strong encryption technologies used on the compromised files. A typical ransomware delivery package is tainted email, whereby the target is tricked into interacting with by a social engineering technique known as spear phishing. This makes the email message to appear to come from a trusted source. Another common vulnerability is an improperly protected RDP port.
CryptoLocker ushered in the new age of crypto-ransomware in 2013, and the monetary losses attributed to by the many strains of ransomware is said to be billions of dollars annually, more than doubling every other year. Famous attacks are WannaCry, and Petya. Current headline variants like Ryuk, Sodinokibi and CryptoWall are more complex and have caused more damage than earlier versions. Even if your backup procedures permit you to recover your ransomed data, you can still be hurt by so-called exfiltration, where ransomed data are made public (known as "doxxing"). Because additional variants of ransomware crop up every day, there is no guarantee that traditional signature-matching anti-virus tools will detect a new malware. If threat does appear in an email, it is critical that your users have learned to identify phishing tricks. Your ultimate defense is a sound process for scheduling and retaining offsite backups plus the deployment of dependable restoration platforms.
Ask Progent About the ProSight Crypto-Ransomware Vulnerability Report in Bellevue
For pricing information and to find out more about how Progent's ProSight Ransomware Susceptibility Evaluation can enhance your protection against ransomware in Bellevue, call Progent at 800-462-8800 or see Contact Progent.