Ransomware has become the weapon of choice for the major cyber-crime organizations and bad-actor states, representing a potentially existential risk to companies that are successfully attacked. The latest strains of ransomware go after everything, including backup, making even partial restoration a complex and expensive process. Novel variations of ransomware like Ryuk, Maze, Sodinokibi, Netwalker, Phobos, Snatch and Egregor have emerged, displacing Locky, Cerber, and CryptoWall in prominence, sophistication, and destructiveness.
Most ransomware penetrations come from innocent-seeming emails that include dangerous hyperlinks or attachments, and a high percentage are "zero-day" strains that can escape the defenses of legacy signature-matching antivirus (AV) tools. While user education and up-front identification are important to protect against ransomware, leading practices dictate that you assume some attacks will inevitably succeed and that you deploy a solid backup mechanism that enables you to restore files and services rapidly with little if any damage.
Progent's ProSight Ransomware Preparedness Assessment is a low-cost service built around an online interview with a Progent cybersecurity consultant experienced in ransomware defense and recovery. During this assessment Progent will work with your Belo Horizonte network managers to collect pertinent information concerning your security profile and backup processes. Progent will use this data to produce a Basic Security and Best Practices Assessment documenting how to adhere to leading practices for configuring and administering your security and backup solution to prevent or clean up after a ransomware attack.
Progent's Basic Security and Best Practices Assessment focuses on key issues related to crypto-ransomware prevention and restoration recovery. The review addresses:
Cybersecurity
About Ransomware
Ransomware is a form of malicious software that encrypts or deletes files so they cannot be used or are publicized. Crypto-ransomware often locks the target's computer. To avoid the carnage, the victim is asked to send a specified ransom, typically via a crypto currency like Bitcoin, within a brief period of time. There is no guarantee that delivering the ransom will recover the lost files or avoid its exposure to the public. Files can be encrypted or erased across a network depending on the victim's write permissions, and you cannot reverse engineer the military-grade encryption algorithms used on the hostage files. A common ransomware attack vector is tainted email, whereby the victim is tricked into interacting with by a social engineering exploit known as spear phishing. This causes the email to look as though it came from a trusted source. Another popular attack vector is a poorly protected RDP port.
CryptoLocker ushered in the modern era of crypto-ransomware in 2013, and the damage caused by the many strains of ransomware is said to be billions of dollars per year, roughly doubling every other year. Famous examples include WannaCry, and NotPetya. Recent headline threats like Ryuk, Sodinokibi and Cerber are more sophisticated and have caused more damage than older strains. Even if your backup processes permit you to recover your encrypted data, you can still be hurt by exfiltration, where stolen data are made public (known as "doxxing"). Because additional variants of ransomware crop up every day, there is no certainty that traditional signature-based anti-virus filters will block the latest attack. If threat does appear in an email, it is critical that your end users have learned to identify phishing techniques. Your ultimate defense is a sound process for performing and keeping remote backups and the use of reliable restoration platforms.
Ask Progent About the ProSight Ransomware Susceptibility Assessment in Belo Horizonte
For pricing information and to find out more about how Progent's ProSight Ransomware Readiness Testing can enhance your protection against crypto-ransomware in Belo Horizonte, phone Progent at