Ransomware has been widely adopted by the major cyber-crime organizations and rogue governments, representing a possibly existential risk to businesses that are breached. The latest versions of ransomware target all vulnerable resources, including online backup, making even partial recovery a long and expensive process. New variations of ransomware such as Ryuk, Maze, Sodinokibi, Netwalker, DopplePaymer, Lockbit and Nephilim have emerged, displacing Locky, TeslaCrypt, and Petya in prominence, elaborateness, and destructive impact.
Most crypto-ransomware infections come from innocuous-seeming emails that have dangerous links or file attachments, and a high percentage are "zero-day" variants that can escape detection by traditional signature-based antivirus filters. Although user education and up-front detection are important to protect your network against ransomware attacks, leading practices demand that you assume some malware will eventually succeed and that you prepare a strong backup solution that allows you to recover quickly with minimal losses.
Progent's ProSight Ransomware Vulnerability Report is a low-cost service built around a remote interview with a Progent security expert skilled in ransomware protection and recovery. During this interview Progent will work directly with your Beverly Hills IT management staff to gather critical data concerning your security setup and backup processes. Progent will utilize this information to create a Basic Security and Best Practices Report documenting how to adhere to best practices for implementing and administering your cybersecurity and backup systems to block or recover from a crypto-ransomware assault.
Progent's Basic Security and Best Practices Assessment highlights key issues related to ransomware prevention and restoration recovery. The review covers:
- Proper allocation and use of admin accounts
- Appropriate NTFS (New Technology File System) and SMB (Server Message Block) authorizations
- Optimal firewall settings
- Secure Remote Desktop Protocol (RDP) configuration
- Guidance for AntiVirus filtering selection and configuration
The online interview process included with the ProSight Ransomware Vulnerability Assessment service lasts about one hour for a typical small company and longer for bigger or more complex IT environments. The written report contains suggestions for enhancing your ability to block or clean up after a ransomware attack and Progent can provide as-needed consulting services to help you and your IT staff to create a cost-effective cybersecurity/backup system customized for your specific requirements.
- Split permission architecture for backup protection
- Protecting key servers such as Active Directory
- Geographically dispersed backups with cloud backup to Microsoft Azure
Ransomware is a type of malware that encrypts or deletes files so they cannot be used or are made publicly available. Crypto-ransomware sometimes locks the victim's computer. To prevent the damage, the target is required to pay a specified amount of money, usually in the form of a crypto currency like Bitcoin, within a brief time window. It is never certain that delivering the extortion price will restore the damaged files or avoid its publication. Files can be encrypted or deleted across a network depending on the victim's write permissions, and you cannot break the strong encryption algorithms used on the hostage files. A common ransomware attack vector is booby-trapped email, in which the victim is lured into responding to by means of a social engineering technique called spear phishing. This makes the email to look as though it came from a familiar sender. Another common attack vector is a poorly protected Remote Desktop Protocol (RDP) port.
CryptoLocker ushered in the new age of ransomware in 2013, and the damage caused by different strains of ransomware is estimated at billions of dollars per year, more than doubling every other year. Notorious attacks are WannaCry, and Petya. Recent headline variants like Ryuk, Sodinokibi and TeslaCrypt are more complex and have caused more havoc than older strains. Even if your backup/recovery processes enable your business to recover your ransomed data, you can still be threatened by so-called exfiltration, where ransomed documents are exposed to the public (known as "doxxing"). Because additional versions of ransomware are launched every day, there is no certainty that conventional signature-matching anti-virus tools will block a new malware. If an attack does appear in an email, it is critical that your end users have been taught to be aware of social engineering techniques. Your ultimate protection is a solid scheme for performing and retaining offsite backups plus the deployment of reliable recovery tools.
Ask Progent About the ProSight Crypto-Ransomware Susceptibility Assessment in Beverly Hills
For pricing details and to learn more about how Progent's ProSight Crypto-Ransomware Susceptibility Audit can bolster your protection against crypto-ransomware in Beverly Hills, call Progent at 800-993-9400 or visit Contact Progent.