Ransomware has become the weapon of choice for cyber extortionists and malicious governments, posing a potentially existential threat to businesses that fall victim. The latest versions of crypto-ransomware target all vulnerable resources, including backup, making even partial recovery a challenging and costly process. Novel variations of ransomware like Ryuk, Maze, Sodinokibi, Mailto (aka Netwalker), Phobos, Conti and Egregor have emerged, replacing WannaCry, Cerber, and CryptoWall in prominence, sophistication, and destructive impact.
90% of ransomware breaches are the result of innocuous-seeming emails that include dangerous hyperlinks or file attachments, and many are so-called "zero-day" attacks that elude detection by legacy signature-matching antivirus (AV) tools. Although user education and up-front detection are critical to protect against ransomware attacks, leading practices dictate that you take for granted some malware will eventually succeed and that you put in place a strong backup solution that enables you to recover quickly with little if any losses.
Progent's ProSight Ransomware Vulnerability Assessment is an ultra-affordable service centered around an online interview with a Progent security consultant skilled in ransomware protection and recovery. In the course of this interview Progent will work with your Beverly Hills IT management staff to collect pertinent information about your security configuration and backup processes. Progent will utilize this data to generate a Basic Security and Best Practices Report documenting how to adhere to best practices for implementing and administering your cybersecurity and backup systems to block or recover from a crypto-ransomware attack.
Progent's Basic Security and Best Practices Report highlights key areas associated with crypto-ransomware prevention and restoration recovery. The report covers:
- Proper allocation and use of administration accounts
- Appropriate NTFS and SMB authorizations
- Optimal firewall setup
- Safe Remote Desktop Protocol (RDP) access
- Advice about AntiVirus (AV) tools identification and configuration
The online interview process included with the ProSight Ransomware Preparedness Checkup service lasts about one hour for a typical small company and longer for bigger or more complicated environments. The written report contains suggestions for improving your ability to block or recover from a ransomware attack and Progent can provide as-needed expertise to assist you and your IT staff to create a cost-effective security/backup system tailored to your business requirements.
- Split permission model for backup protection
- Protecting required servers such as AD
- Offsite backups including cloud backup to Microsoft Azure
Ransomware is a type of malware that encrypts or steals a victim's files so they cannot be used or are made publicly available. Ransomware often locks the victim's computer. To prevent the carnage, the target is required to send a specified amount of money, typically in the form of a crypto currency like Bitcoin, within a short time window. It is not guaranteed that delivering the extortion price will recover the lost files or prevent its publication. Files can be encrypted or erased across a network based on the victim's write permissions, and you cannot break the strong encryption technologies used on the compromised files. A typical ransomware delivery package is tainted email, in which the user is lured into responding to by means of a social engineering exploit known as spear phishing. This causes the email message to look as though it came from a trusted source. Another popular attack vector is a poorly secured RDP port.
CryptoLocker opened the modern era of crypto-ransomware in 2013, and the damage attributed to by different versions of ransomware is estimated at billions of dollars annually, more than doubling every two years. Famous attacks include WannaCry, and NotPetya. Current headline threats like Ryuk, DoppelPaymer and Cerber are more elaborate and have wreaked more havoc than older versions. Even if your backup/recovery processes allow you to restore your encrypted files, you can still be threatened by so-called exfiltration, where stolen documents are exposed to the public (known as "doxxing"). Because new variants of ransomware crop up daily, there is no certainty that traditional signature-based anti-virus filters will detect a new malware. If an attack does show up in an email, it is critical that your users have been taught to be aware of social engineering techniques. Your last line of defense is a solid process for performing and keeping remote backups and the use of reliable recovery platforms.
Ask Progent About the ProSight Ransomware Susceptibility Review in Beverly Hills
For pricing details and to learn more about how Progent's ProSight Ransomware Susceptibility Consultation can bolster your protection against ransomware in Beverly Hills, phone Progent at 800-462-8800 or see Contact Progent.