Ransomware has been widely adopted by the major cyber-crime organizations and rogue governments, posing a possibly lethal threat to companies that are successfully attacked. Modern variations of ransomware go after everything, including backup, making even partial recovery a long and costly exercise. Novel versions of ransomware like Ryuk, Maze, Sodinokibi, Netwalker, Phobos, Conti and Egregor have emerged, displacing WannaCry, Cerber, and Petya in prominence, elaborateness, and destructiveness.
90% of crypto-ransomware infections come from innocent-looking emails with dangerous hyperlinks or file attachments, and many are so-called "zero-day" attacks that elude the defenses of legacy signature-based antivirus filters. Although user training and frontline identification are important to protect against ransomware attacks, best practices demand that you assume some malware will inevitably get through and that you implement a strong backup solution that enables you to repair the damage rapidly with minimal losses.
Progent's ProSight Ransomware Vulnerability Report is a low-cost service centered around a remote interview with a Progent cybersecurity consultant experienced in ransomware protection and repair. During this interview Progent will cooperate directly with your Bellevue network management staff to gather critical information about your cybersecurity setup and backup processes. Progent will utilize this information to produce a Basic Security and Best Practices Report documenting how to follow leading practices for implementing and managing your security and backup solution to prevent or recover from a crypto-ransomware assault.
Progent's Basic Security and Best Practices Assessment focuses on vital areas related to crypto-ransomware prevention and restoration recovery. The report addresses:
- Effective allocation and use of admin accounts
- Appropriate NTFS and SMB (Server Message Block) permissions
- Optimal firewall configuration
- Safe Remote Desktop Protocol (RDP) access
- Advice about AntiVirus (AV) tools identification and configuration
The online interview for the ProSight Ransomware Vulnerability Assessment service takes about an hour for a typical small business and requires more time for bigger or more complex IT environments. The written report includes recommendations for improving your ability to ward off or recover from a ransomware incident and Progent offers as-needed expertise to assist you to create an efficient security/data backup system customized for your specific needs.
- Split permission architecture for backup integrity
- Backing up required servers including AD
- Geographically dispersed backups with cloud backup to Microsoft Azure
Ransomware is a form of malicious software that encrypts or steals a victim's files so they are unusable or are publicized. Crypto-ransomware often locks the victim's computer. To prevent the carnage, the victim is required to pay a specified amount of money, typically via a crypto currency like Bitcoin, within a short period of time. It is never certain that delivering the extortion price will restore the lost data or avoid its publication. Files can be encrypted or deleted across a network depending on the victim's write permissions, and you cannot reverse engineer the strong encryption technologies used on the hostage files. A typical ransomware attack vector is tainted email, in which the target is lured into responding to by means of a social engineering technique called spear phishing. This makes the email message to look as though it came from a familiar sender. Another common vulnerability is an improperly secured RDP port.
CryptoLocker opened the new age of ransomware in 2013, and the damage attributed to by different versions of ransomware is said to be billions of dollars annually, more than doubling every two years. Notorious examples include WannaCry, and NotPetya. Recent high-profile variants like Ryuk, Sodinokibi and TeslaCrypt are more sophisticated and have caused more damage than earlier strains. Even if your backup/recovery procedures allow you to recover your ransomed data, you can still be threatened by exfiltration, where ransomed documents are exposed to the public. Because new versions of ransomware are launched every day, there is no certainty that conventional signature-based anti-virus filters will block the latest attack. If an attack does show up in an email, it is critical that your end users have learned to be aware of social engineering techniques. Your ultimate protection is a sound process for scheduling and retaining offsite backups plus the deployment of dependable restoration platforms.
Ask Progent About the ProSight Crypto-Ransomware Readiness Assessment in Bellevue
For pricing details and to learn more about how Progent's ProSight Ransomware Preparedness Audit can bolster your protection against ransomware in Bellevue, call Progent at 800-462-8800 or see Contact Progent.