Ransomware has been widely adopted by cybercriminals and malicious governments, posing a possibly existential risk to businesses that are breached. Modern versions of crypto-ransomware target all vulnerable resources, including online backup, making even partial recovery a long and expensive process. Novel versions of crypto-ransomware like Ryuk, Maze, Sodinokibi, Netwalker, Phobos, Conti and Nephilim have made the headlines, displacing WannaCry, Cerber, and Petya in prominence, sophistication, and destructive impact.
90% of ransomware breaches are the result of innocuous-seeming emails that have dangerous links or attachments, and a high percentage are so-called "zero-day" variants that can escape the defenses of legacy signature-based antivirus (AV) filters. Although user training and up-front detection are critical to protect against ransomware attacks, leading practices dictate that you expect that some malware will inevitably get through and that you put in place a strong backup mechanism that allows you to restore files and services quickly with little if any damage.
Progent's ProSight Ransomware Vulnerability Report is an ultra-affordable service centered around an online discussion with a Progent cybersecurity expert skilled in ransomware defense and repair. In the course of this interview Progent will collaborate directly with your Beverly Hills IT managers to gather pertinent information about your security setup and backup processes. Progent will use this data to produce a Basic Security and Best Practices Assessment documenting how to adhere to leading practices for configuring and managing your cybersecurity and backup systems to block or clean up after a crypto-ransomware attack.
Progent's Basic Security and Best Practices Assessment focuses on key issues associated with ransomware defense and restoration recovery. The report covers:
- Effective allocation and use of administration accounts
- Assigning NTFS and SMB (Server Message Block) permissions
- Optimal firewall settings
- Safe Remote Desktop Protocol configuration
- Guidance for AntiVirus filtering identification and configuration
The online interview for the ProSight Ransomware Vulnerability Assessment service lasts about an hour for the average small business and requires more time for larger or more complex environments. The report document includes suggestions for improving your ability to block or clean up after a ransomware assault and Progent can provide as-needed expertise to assist your business to create a cost-effective cybersecurity/data backup system customized for your business requirements.
- Split permission model for backup integrity
- Protecting required servers including Active Directory
- Offsite backups including cloud backup to Microsoft Azure
Ransomware is a variety of malicious software that encrypts or deletes files so they cannot be used or are publicized. Ransomware sometimes locks the target's computer. To avoid the damage, the victim is required to send a specified amount of money, usually via a crypto currency such as Bitcoin, within a short time window. There is no guarantee that paying the extortion price will recover the damaged data or prevent its exposure to the public. Files can be altered or erased across a network depending on the target's write permissions, and you cannot solve the strong encryption algorithms used on the compromised files. A common ransomware attack vector is tainted email, whereby the user is tricked into interacting with by a social engineering exploit called spear phishing. This makes the email to look as though it came from a trusted source. Another common vulnerability is a poorly protected Remote Desktop Protocol (RDP) port.
The ransomware variant CryptoLocker ushered in the new age of ransomware in 2013, and the monetary losses caused by the many strains of ransomware is estimated at billions of dollars per year, roughly doubling every two years. Famous examples include Locky, and NotPetya. Recent high-profile threats like Ryuk, Maze and Spora are more sophisticated and have caused more havoc than older versions. Even if your backup/recovery processes permit you to recover your ransomed files, you can still be hurt by so-called exfiltration, where stolen documents are exposed to the public (known as "doxxing"). Because new variants of ransomware crop up every day, there is no certainty that conventional signature-matching anti-virus filters will block the latest attack. If threat does appear in an email, it is critical that your users have been taught to identify social engineering techniques. Your last line of protection is a sound process for performing and keeping remote backups and the deployment of reliable recovery tools.
Ask Progent About the ProSight Crypto-Ransomware Vulnerability Checkup in Beverly Hills
For pricing details and to learn more about how Progent's ProSight Ransomware Preparedness Report can enhance your protection against crypto-ransomware in Beverly Hills, phone Progent at 800-462-8800 or see Contact Progent.