Ransomware has become the weapon of choice for the major cyber-crime organizations and bad-actor governments, representing a potentially existential risk to businesses that fall victim. The latest versions of crypto-ransomware go after all vulnerable resources, including online backup, making even selective recovery a long and expensive exercise. Novel variations of crypto-ransomware such as Ryuk, Maze, Sodinokibi, Mailto (aka Netwalker), Phobos, Lockbit and Nephilim have emerged, replacing WannaCry, TeslaCrypt, and CryptoWall in notoriety, elaborateness, and destructiveness.
90% of ransomware penetrations are caused by innocent-seeming emails that have malicious links or file attachments, and many are so-called "zero-day" variants that elude the defenses of legacy signature-based antivirus tools. Although user training and up-front identification are critical to protect against ransomware, leading practices demand that you expect that some attacks will inevitably succeed and that you implement a strong backup mechanism that enables you to recover quickly with little if any losses.
Progent's ProSight Ransomware Vulnerability Assessment is an ultra-affordable service centered around an online interview with a Progent cybersecurity consultant experienced in ransomware defense and repair. In the course of this interview Progent will collaborate with your Belo Horizonte network management staff to gather critical information concerning your security configuration and backup processes. Progent will utilize this information to generate a Basic Security and Best Practices Assessment detailing how to adhere to leading practices for configuring and administering your cybersecurity and backup systems to prevent or clean up after a ransomware assault.
Progent's Basic Security and Best Practices Report focuses on key areas related to ransomware prevention and restoration recovery. The report addresses:
- Proper allocation and use of administration accounts
- Correct NTFS and SMB authorizations
- Proper firewall settings
- Secure Remote Desktop Protocol access
- Recommend AntiVirus filtering identification and configuration
The remote interview included with the ProSight Ransomware Vulnerability Checkup service lasts about an hour for a typical small business and requires more time for larger or more complicated IT environments. The report document features recommendations for enhancing your ability to block or recover from a ransomware assault and Progent offers on-demand consulting services to help your business to create an efficient cybersecurity/backup system tailored to your specific requirements.
- Split permission architecture for backup integrity
- Protecting critical servers such as Active Directory
- Geographically dispersed backups including cloud backup to Microsoft Azure
Ransomware is a type of malware that encrypts or deletes files so they cannot be used or are made publicly available. Crypto-ransomware sometimes locks the target's computer. To prevent the carnage, the target is asked to send a specified amount of money, usually in the form of a crypto currency such as Bitcoin, within a short period of time. It is not guaranteed that paying the extortion price will recover the damaged files or prevent its exposure to the public. Files can be encrypted or deleted across a network based on the target's write permissions, and you cannot solve the military-grade encryption technologies used on the compromised files. A common ransomware attack vector is booby-trapped email, whereby the target is tricked into responding to by a social engineering technique known as spear phishing. This causes the email to appear to come from a trusted source. Another popular attack vector is a poorly protected Remote Desktop Protocol (RDP) port.
CryptoLocker opened the new age of crypto-ransomware in 2013, and the damage caused by different strains of ransomware is estimated at billions of dollars per year, roughly doubling every two years. Notorious attacks include Locky, and Petya. Current headline variants like Ryuk, Maze and Cerber are more elaborate and have caused more havoc than earlier strains. Even if your backup processes enable you to restore your encrypted files, you can still be threatened by exfiltration, where ransomed documents are made public. Because additional variants of ransomware crop up daily, there is no certainty that conventional signature-matching anti-virus tools will detect the latest malware. If an attack does show up in an email, it is important that your end users have been taught to be aware of social engineering tricks. Your last line of defense is a solid process for scheduling and retaining offsite backups plus the deployment of reliable recovery platforms.
Contact Progent About the ProSight Crypto-Ransomware Readiness Audit in Belo Horizonte
For pricing information and to find out more about how Progent's ProSight Crypto-Ransomware Readiness Report can bolster your defense against crypto-ransomware in Belo Horizonte, phone Progent at 800-462-8800 or see Contact Progent.