Ransomware has been weaponized by cyber extortionists and rogue states, posing a possibly lethal threat to companies that are successfully attacked. Modern versions of ransomware go after all vulnerable resources, including online backup, making even partial restoration a complex and expensive exercise. New versions of ransomware like Ryuk, Maze, Sodinokibi, Netwalker, DopplePaymer, Conti and Nephilim have emerged, replacing WannaCry, Spora, and Petya in prominence, sophistication, and destructiveness.
Most ransomware infections are the result of innocuous-seeming emails that have dangerous links or attachments, and a high percentage are so-called "zero-day" attacks that can escape the defenses of traditional signature-based antivirus (AV) tools. Although user training and frontline identification are critical to protect against ransomware attacks, best practices dictate that you assume some malware will inevitably succeed and that you prepare a strong backup mechanism that permits you to restore files and services rapidly with little if any damage.
Progent's ProSight Ransomware Preparedness Report is a low-cost service centered around a remote discussion with a Progent security consultant skilled in ransomware defense and repair. During this assessment Progent will collaborate with your Belo Horizonte IT management staff to collect critical information about your cybersecurity profile and backup environment. Progent will utilize this information to create a Basic Security and Best Practices Assessment detailing how to follow best practices for configuring and administering your security and backup solution to block or clean up after a crypto-ransomware assault.
Progent's Basic Security and Best Practices Report focuses on key issues related to crypto-ransomware prevention and restoration recovery. The review covers:
- Effective use of administration accounts
- Appropriate NTFS (New Technology File System) and SMB authorizations
- Proper firewall settings
- Secure RDP connections
- Recommend AntiVirus (AV) tools identification and deployment
The online interview process included with the ProSight Ransomware Preparedness Report service lasts about one hour for the average small business and requires more time for larger or more complex IT environments. The written report includes suggestions for improving your ability to ward off or recover from a ransomware assault and Progent can provide on-demand expertise to help you to create an efficient security/backup system customized for your business requirements.
- Split permission model for backup integrity
- Protecting critical servers such as AD
- Offsite backups with cloud backup to Azure
Ransomware is a form of malicious software that encrypts or steals files so they cannot be used or are publicized. Crypto-ransomware sometimes locks the victim's computer. To avoid the carnage, the target is required to pay a certain amount of money, typically via a crypto currency like Bitcoin, within a short period of time. There is no guarantee that paying the extortion price will recover the damaged data or prevent its exposure to the public. Files can be altered or deleted across a network based on the victim's write permissions, and you cannot break the strong encryption technologies used on the hostage files. A typical ransomware delivery package is tainted email, in which the user is lured into interacting with by means of a social engineering technique called spear phishing. This causes the email message to look as though it came from a trusted sender. Another common attack vector is an improperly secured Remote Desktop Protocol port.
The ransomware variant CryptoLocker ushered in the new age of ransomware in 2013, and the monetary losses caused by different versions of ransomware is estimated at billions of dollars per year, more than doubling every two years. Famous examples are WannaCry, and Petya. Current headline variants like Ryuk, Maze and CryptoWall are more complex and have wreaked more havoc than older versions. Even if your backup/recovery procedures enable you to restore your encrypted files, you can still be threatened by exfiltration, where stolen documents are made public. Because additional variants of ransomware are launched every day, there is no guarantee that traditional signature-based anti-virus filters will detect the latest malware. If threat does show up in an email, it is important that your users have learned to be aware of social engineering techniques. Your last line of protection is a sound scheme for performing and keeping remote backups and the use of reliable recovery tools.
Ask Progent About the ProSight Ransomware Susceptibility Assessment in Belo Horizonte
For pricing details and to find out more about how Progent's ProSight Crypto-Ransomware Readiness Review can bolster your defense against ransomware in Belo Horizonte, phone Progent at 800-462-8800 or visit Contact Progent.