Ransomware has been widely adopted by cyber extortionists and malicious governments, representing a potentially existential threat to companies that fall victim. Current strains of ransomware target everything, including backup, making even selective recovery a complex and expensive process. New strains of ransomware like Ryuk, Maze, Sodinokibi, Netwalker, Phobos, Conti and Egregor have emerged, replacing Locky, Spora, and NotPetya in prominence, elaborateness, and destructive impact.
90% of crypto-ransomware infections are the result of innocent-seeming emails that have dangerous links or attachments, and a high percentage are so-called "zero-day" strains that elude the defenses of legacy signature-matching antivirus (AV) tools. Although user training and frontline identification are critical to defend your network against ransomware, leading practices dictate that you assume some malware will eventually get through and that you implement a strong backup mechanism that enables you to restore files and services rapidly with little if any losses.
Progent's ProSight Ransomware Vulnerability Report is a low-cost service built around an online discussion with a Progent security consultant experienced in ransomware protection and repair. In the course of this interview Progent will work directly with your Beverly Hills IT management staff to gather pertinent information concerning your security posture and backup environment. Progent will utilize this data to produce a Basic Security and Best Practices Assessment documenting how to follow leading practices for implementing and administering your security and backup systems to block or recover from a ransomware attack.
Progent's Basic Security and Best Practices Assessment highlights key areas related to crypto-ransomware prevention and restoration recovery. The report addresses:
- Correct use of admin accounts
- Correct NTFS and SMB (Server Message Block) permissions
- Optimal firewall configuration
- Safe Remote Desktop Protocol (RDP) connections
- Recommend AntiVirus (AV) filtering identification and deployment
The online interview for the ProSight Ransomware Preparedness Assessment service takes about an hour for the average small business and longer for bigger or more complex environments. The written report includes suggestions for improving your ability to block or recover from a ransomware assault and Progent can provide on-demand consulting services to help you and your IT staff to design and deploy an efficient security/backup system customized for your business requirements.
- Split permission architecture for backup protection
- Protecting required servers including AD
- Offsite backups including cloud backup to Microsoft Azure
Ransomware is a form of malicious software that encrypts or steals a victim's files so they are unusable or are publicized. Crypto-ransomware sometimes locks the victim's computer. To prevent the damage, the victim is required to send a certain amount of money (the ransom), typically via a crypto currency such as Bitcoin, within a brief time window. It is never certain that paying the ransom will restore the lost files or prevent its exposure to the public. Files can be encrypted or deleted across a network depending on the victim's write permissions, and you cannot reverse engineer the military-grade encryption algorithms used on the compromised files. A typical ransomware delivery package is spoofed email, in which the victim is tricked into interacting with by means of a social engineering technique called spear phishing. This makes the email to appear to come from a trusted sender. Another common vulnerability is an improperly protected Remote Desktop Protocol (RDP) port.
The ransomware variant CryptoLocker opened the new age of crypto-ransomware in 2013, and the monetary losses attributed to by the many versions of ransomware is estimated at billions of dollars per year, roughly doubling every two years. Notorious examples are WannaCry, and Petya. Current headline variants like Ryuk, DoppelPaymer and Spora are more complex and have caused more havoc than earlier strains. Even if your backup/recovery processes permit your business to recover your ransomed data, you can still be threatened by exfiltration, where ransomed data are exposed to the public. Because additional versions of ransomware crop up every day, there is no certainty that conventional signature-matching anti-virus filters will detect a new malware. If threat does appear in an email, it is important that your end users have learned to be aware of phishing tricks. Your last line of defense is a sound scheme for scheduling and keeping remote backups and the deployment of reliable restoration platforms.
Ask Progent About the ProSight Crypto-Ransomware Readiness Report in Beverly Hills
For pricing information and to learn more about how Progent's ProSight Crypto-Ransomware Preparedness Testing can bolster your defense against ransomware in Beverly Hills, call Progent at 800-462-8800 or see Contact Progent.