Ransomware has been weaponized by cybercriminals and bad-actor states, representing a potentially existential threat to businesses that fall victim. Current strains of crypto-ransomware target everything, including backup, making even partial restoration a long and costly process. New versions of ransomware like Ryuk, Maze, Sodinokibi, Mailto (aka Netwalker), DopplePaymer, Snatch and Egregor have made the headlines, displacing Locky, Cerber, and CryptoWall in notoriety, sophistication, and destructiveness.
90% of crypto-ransomware breaches are caused by innocent-seeming emails that have malicious hyperlinks or attachments, and a high percentage are so-called "zero-day" strains that can escape the defenses of traditional signature-matching antivirus tools. Although user training and up-front identification are important to protect against ransomware attacks, best practices dictate that you take for granted some attacks will eventually succeed and that you implement a strong backup mechanism that permits you to recover quickly with minimal losses.
Progent's ProSight Ransomware Vulnerability Checkup is an ultra-affordable service built around a remote interview with a Progent cybersecurity expert experienced in ransomware protection and recovery. During this interview Progent will collaborate with your Birmingham IT managers to collect critical information about your cybersecurity posture and backup environment. Progent will utilize this information to produce a Basic Security and Best Practices Report detailing how to adhere to best practices for configuring and managing your cybersecurity and backup systems to prevent or clean up after a crypto-ransomware assault.
Progent's Basic Security and Best Practices Assessment highlights vital areas related to ransomware defense and restoration recovery. The review addresses:
Security
About Ransomware
Ransomware is a form of malicious software that encrypts or deletes files so they are unusable or are made publicly available. Ransomware often locks the target's computer. To prevent the damage, the target is required to pay a specified ransom, usually via a crypto currency such as Bitcoin, within a short time window. It is never certain that paying the ransom will recover the lost files or avoid its publication. Files can be altered or erased across a network based on the target's write permissions, and you cannot solve the military-grade encryption algorithms used on the hostage files. A common ransomware attack vector is tainted email, in which the target is tricked into interacting with by means of a social engineering exploit known as spear phishing. This makes the email to look as though it came from a familiar sender. Another common attack vector is a poorly protected Remote Desktop Protocol port.
The ransomware variant CryptoLocker opened the modern era of crypto-ransomware in 2013, and the damage caused by different versions of ransomware is estimated at billions of dollars annually, roughly doubling every two years. Notorious examples are WannaCry, and Petya. Recent headline threats like Ryuk, Maze and TeslaCrypt are more complex and have caused more havoc than older versions. Even if your backup/recovery processes allow your business to recover your encrypted data, you can still be hurt by exfiltration, where stolen data are made public (known as "doxxing"). Because additional versions of ransomware crop up every day, there is no guarantee that conventional signature-based anti-virus tools will detect the latest attack. If threat does appear in an email, it is important that your users have learned to be aware of social engineering tricks. Your ultimate protection is a sound scheme for scheduling and retaining offsite backups plus the use of reliable recovery tools.
Ask Progent About the ProSight Crypto-Ransomware Readiness Testing in Birmingham
For pricing details and to find out more about how Progent's ProSight Crypto-Ransomware Susceptibility Testing can enhance your defense against ransomware in Birmingham, call Progent at