Ransomware has been weaponized by the major cyber-crime organizations and malicious governments, representing a potentially existential risk to businesses that are successfully attacked. The latest variations of ransomware target all vulnerable resources, including backup, making even partial restoration a long and costly process. New strains of crypto-ransomware such as Ryuk, Maze, Sodinokibi, Mailto (aka Netwalker), DopplePaymer, Conti and Nephilim have emerged, replacing WannaCry, Cerber, and Petya in prominence, sophistication, and destructiveness.
Most crypto-ransomware breaches come from innocent-looking emails that have malicious hyperlinks or attachments, and many are "zero-day" strains that can escape the defenses of traditional signature-matching antivirus filters. While user education and up-front identification are critical to protect against ransomware attacks, best practices dictate that you expect that some attacks will inevitably succeed and that you prepare a solid backup mechanism that permits you to restore files and services rapidly with little if any damage.
Progent's ProSight Ransomware Vulnerability Checkup is an ultra-affordable service centered around a remote discussion with a Progent cybersecurity expert experienced in ransomware defense and recovery. In the course of this assessment Progent will collaborate with your Beverly Hills network management staff to gather pertinent data about your cybersecurity profile and backup environment. Progent will utilize this information to produce a Basic Security and Best Practices Report detailing how to adhere to leading practices for implementing and administering your security and backup systems to block or recover from a crypto-ransomware attack.
Progent's Basic Security and Best Practices Assessment highlights vital issues related to crypto-ransomware defense and restoration recovery. The report covers:
- Correct allocation and use of administration accounts
- Assigning NTFS and SMB authorizations
- Optimal firewall configuration
- Safe Remote Desktop Protocol connections
- Guidance for AntiVirus (AV) tools identification and deployment
The online interview process for the ProSight Ransomware Preparedness Report service lasts about one hour for the average small company and longer for bigger or more complex IT environments. The report document contains recommendations for improving your ability to ward off or clean up after a ransomware assault and Progent offers as-needed consulting services to assist you and your IT staff to create a cost-effective cybersecurity/backup solution tailored to your specific requirements.
- Split permission architecture for backup integrity
- Backing up required servers including Active Directory
- Offsite backups including cloud backup to Azure
Ransomware is a variety of malicious software that encrypts or deletes files so they are unusable or are publicized. Crypto-ransomware often locks the victim's computer. To prevent the carnage, the victim is asked to pay a specified amount of money, usually via a crypto currency such as Bitcoin, within a short period of time. It is never certain that paying the ransom will recover the damaged data or avoid its exposure to the public. Files can be encrypted or erased across a network based on the target's write permissions, and you cannot break the military-grade encryption technologies used on the compromised files. A typical ransomware delivery package is booby-trapped email, in which the victim is tricked into responding to by means of a social engineering exploit called spear phishing. This makes the email message to appear to come from a familiar sender. Another popular vulnerability is a poorly secured RDP port.
The ransomware variant CryptoLocker ushered in the modern era of ransomware in 2013, and the monetary losses attributed to by the many strains of ransomware is estimated at billions of dollars per year, roughly doubling every two years. Notorious examples are WannaCry, and NotPetya. Recent high-profile variants like Ryuk, DoppelPaymer and CryptoWall are more complex and have wreaked more damage than earlier versions. Even if your backup/recovery procedures allow you to restore your encrypted files, you can still be threatened by so-called exfiltration, where stolen data are exposed to the public. Because additional variants of ransomware are launched daily, there is no guarantee that traditional signature-based anti-virus filters will detect a new malware. If threat does show up in an email, it is important that your end users have been taught to identify social engineering tricks. Your last line of defense is a solid process for scheduling and keeping offsite backups and the use of reliable restoration platforms.
Ask Progent About the ProSight Crypto-Ransomware Preparedness Checkup in Beverly Hills
For pricing information and to find out more about how Progent's ProSight Crypto-Ransomware Susceptibility Checkup can enhance your defense against crypto-ransomware in Beverly Hills, phone Progent at 800-462-8800 or visit Contact Progent.