Ransomware has become the weapon of choice for cyber extortionists and rogue states, posing a possibly lethal risk to companies that are breached. Current variations of crypto-ransomware target everything, including online backup, making even partial restoration a long and expensive exercise. New versions of crypto-ransomware like Ryuk, Maze, Sodinokibi, Netwalker, DopplePaymer, Conti and Nephilim have emerged, replacing Locky, TeslaCrypt, and CryptoWall in prominence, elaborateness, and destructive impact.
90% of crypto-ransomware penetrations are caused by innocuous-looking emails with dangerous hyperlinks or attachments, and many are "zero-day" variants that elude the defenses of traditional signature-matching antivirus (AV) filters. Although user education and frontline detection are critical to protect your network against ransomware attacks, leading practices demand that you expect that some attacks will eventually get through and that you implement a strong backup solution that enables you to restore files and services rapidly with little if any losses.
Progent's ProSight Ransomware Vulnerability Assessment is an ultra-affordable service built around a remote discussion with a Progent cybersecurity expert experienced in ransomware defense and repair. During this interview Progent will collaborate with your Birmingham IT management staff to gather critical information about your cybersecurity posture and backup environment. Progent will use this data to produce a Basic Security and Best Practices Report detailing how to apply leading practices for implementing and administering your cybersecurity and backup systems to prevent or clean up after a ransomware attack.
Progent's Basic Security and Best Practices Assessment focuses on key areas related to crypto-ransomware prevention and restoration recovery. The report addresses:
- Proper use of admin accounts
- Assigning NTFS (New Technology File System) and SMB (Server Message Block) authorizations
- Proper firewall configuration
- Safe RDP configuration
- Guidance for AntiVirus (AV) tools identification and configuration
The remote interview process included with the ProSight Ransomware Preparedness Checkup service takes about one hour for a typical small business network and longer for larger or more complicated IT environments. The written report features suggestions for improving your ability to ward off or recover from a ransomware incident and Progent offers on-demand expertise to help you and your IT staff to create an efficient cybersecurity/backup solution customized for your business requirements.
- Split permission model for backup integrity
- Backing up required servers such as Active Directory
- Geographically dispersed backups including cloud backup to Azure
Ransomware is a variety of malicious software that encrypts or deletes files so they are unusable or are publicized. Ransomware sometimes locks the victim's computer. To prevent the damage, the victim is required to send a certain amount of money, usually via a crypto currency like Bitcoin, within a short time window. It is not guaranteed that delivering the extortion price will restore the damaged files or avoid its publication. Files can be encrypted or erased throughout a network based on the victim's write permissions, and you cannot break the strong encryption algorithms used on the hostage files. A common ransomware delivery package is spoofed email, in which the user is tricked into responding to by means of a social engineering exploit known as spear phishing. This causes the email message to look as though it came from a trusted source. Another common vulnerability is an improperly protected RDP port.
The ransomware variant CryptoLocker opened the modern era of ransomware in 2013, and the monetary losses caused by the many strains of ransomware is estimated at billions of dollars annually, roughly doubling every other year. Famous examples are WannaCry, and Petya. Recent headline variants like Ryuk, Maze and TeslaCrypt are more sophisticated and have caused more havoc than older versions. Even if your backup/recovery procedures allow your business to restore your encrypted files, you can still be threatened by exfiltration, where stolen documents are made public. Because additional variants of ransomware are launched daily, there is no guarantee that conventional signature-matching anti-virus tools will detect a new malware. If threat does show up in an email, it is critical that your end users have been taught to be aware of social engineering tricks. Your last line of protection is a sound scheme for performing and keeping offsite backups plus the deployment of reliable recovery tools.
Ask Progent About the ProSight Ransomware Readiness Checkup in Birmingham
For pricing information and to find out more about how Progent's ProSight Ransomware Readiness Checkup can enhance your protection against ransomware in Birmingham, call Progent at 800-462-8800 or see Contact Progent.