Ransomware has been weaponized by the major cyber-crime organizations and rogue states, posing a potentially lethal risk to businesses that are successfully attacked. Modern variations of crypto-ransomware go after everything, including online backup, making even partial recovery a complex and expensive exercise. New variations of crypto-ransomware like Ryuk, Maze, Sodinokibi, Netwalker, Phobos, Lockbit and Nephilim have made the headlines, replacing Locky, Spora, and CryptoWall in notoriety, sophistication, and destructiveness.
Most ransomware infections come from innocuous-looking emails that have malicious hyperlinks or attachments, and many are so-called "zero-day" strains that can escape detection by legacy signature-based antivirus (AV) filters. While user training and frontline detection are important to defend against ransomware attacks, best practices dictate that you expect that some attacks will inevitably get through and that you prepare a solid backup mechanism that enables you to repair the damage quickly with minimal losses.
Progent's ProSight Ransomware Vulnerability Assessment is an ultra-affordable service built around an online discussion with a Progent security expert skilled in ransomware defense and repair. In the course of this interview Progent will work directly with your Bellevue IT managers to collect pertinent data concerning your security configuration and backup environment. Progent will use this data to create a Basic Security and Best Practices Report detailing how to apply best practices for configuring and administering your cybersecurity and backup systems to block or recover from a ransomware assault.
Progent's Basic Security and Best Practices Report highlights key issues related to crypto-ransomware defense and restoration recovery. The review covers:
- Effective use of admin accounts
- Assigning NTFS and SMB (Server Message Block) authorizations
- Proper firewall configuration
- Secure Remote Desktop Protocol access
- Advice about AntiVirus tools identification and deployment
The online interview included with the ProSight Ransomware Preparedness Report service lasts about one hour for the average small company and longer for bigger or more complicated IT environments. The written report includes suggestions for enhancing your ability to ward off or recover from a ransomware assault and Progent offers on-demand consulting services to assist you and your IT staff to create an efficient cybersecurity/data backup system tailored to your business requirements.
- Split permission model for backup protection
- Backing up key servers such as Active Directory
- Offsite backups including cloud backup to Azure
Ransomware is a type of malicious software that encrypts or deletes files so they cannot be used or are made publicly available. Ransomware sometimes locks the target's computer. To avoid the damage, the victim is asked to send a certain amount of money, usually in the form of a crypto currency like Bitcoin, within a brief time window. It is not guaranteed that paying the extortion price will recover the lost files or prevent its publication. Files can be encrypted or deleted across a network based on the victim's write permissions, and you cannot solve the strong encryption algorithms used on the hostage files. A typical ransomware attack vector is tainted email, whereby the target is lured into interacting with by means of a social engineering technique known as spear phishing. This makes the email message to look as though it came from a familiar sender. Another popular attack vector is an improperly protected RDP port.
CryptoLocker ushered in the new age of ransomware in 2013, and the monetary losses attributed to by different versions of ransomware is said to be billions of dollars per year, more than doubling every other year. Famous attacks include WannaCry, and Petya. Current high-profile threats like Ryuk, Maze and TeslaCrypt are more complex and have wreaked more havoc than earlier strains. Even if your backup processes allow you to recover your encrypted data, you can still be threatened by exfiltration, where stolen data are made public (known as "doxxing"). Because new variants of ransomware are launched daily, there is no guarantee that conventional signature-based anti-virus filters will detect a new malware. If an attack does show up in an email, it is important that your users have been taught to be aware of social engineering techniques. Your last line of defense is a sound process for scheduling and keeping offsite backups and the use of reliable restoration tools.
Contact Progent About the ProSight Crypto-Ransomware Vulnerability Evaluation in Bellevue
For pricing details and to learn more about how Progent's ProSight Crypto-Ransomware Preparedness Testing can bolster your defense against ransomware in Bellevue, call Progent at 800-993-9400 or see Contact Progent.