Ransomware has become the weapon of choice for cyber extortionists and rogue states, posing a possibly existential threat to businesses that are successfully attacked. Current versions of crypto-ransomware go after everything, including online backup, making even selective restoration a complex and expensive process. New versions of crypto-ransomware such as Ryuk, Maze, Sodinokibi, Netwalker, Phobos, Conti and Egregor have made the headlines, displacing WannaCry, Cerber, and CryptoWall in prominence, elaborateness, and destructiveness.
Most crypto-ransomware infections are the result of innocuous-looking emails that have dangerous hyperlinks or attachments, and a high percentage are "zero-day" variants that can escape the defenses of legacy signature-based antivirus (AV) filters. While user training and up-front detection are important to protect against ransomware, leading practices demand that you expect that some attacks will eventually succeed and that you deploy a strong backup solution that permits you to restore files and services rapidly with minimal losses.
Progent's ProSight Ransomware Vulnerability Checkup is a low-cost service centered around a remote discussion with a Progent security expert experienced in ransomware defense and repair. During this assessment Progent will cooperate with your Birmingham IT management staff to collect pertinent information concerning your security profile and backup processes. Progent will use this data to create a Basic Security and Best Practices Assessment detailing how to apply leading practices for implementing and managing your security and backup solution to block or clean up after a ransomware assault.
Progent's Basic Security and Best Practices Assessment highlights vital issues related to ransomware prevention and restoration recovery. The review covers:
- Effective use of administration accounts
- Correct NTFS and SMB (Server Message Block) authorizations
- Optimal firewall setup
- Safe Remote Desktop Protocol access
- Guidance for AntiVirus (AV) tools selection and configuration
The online interview for the ProSight Ransomware Preparedness Checkup service lasts about an hour for the average small business network and longer for bigger or more complicated environments. The report document features recommendations for enhancing your ability to block or clean up after a ransomware attack and Progent offers as-needed consulting services to help you and your IT staff to design and deploy an efficient cybersecurity/data backup solution customized for your business requirements.
- Split permission architecture for backup integrity
- Backing up critical servers such as AD
- Offsite backups including cloud backup to Azure
Ransomware is a type of malicious software that encrypts or steals files so they are unusable or are publicized. Ransomware often locks the victim's computer. To prevent the carnage, the target is required to send a certain amount of money, typically in the form of a crypto currency like Bitcoin, within a short period of time. It is not guaranteed that paying the extortion price will restore the damaged data or prevent its publication. Files can be altered or deleted across a network based on the victim's write permissions, and you cannot break the strong encryption technologies used on the compromised files. A common ransomware attack vector is spoofed email, in which the user is tricked into interacting with by means of a social engineering technique known as spear phishing. This makes the email to look as though it came from a trusted source. Another popular attack vector is a poorly protected Remote Desktop Protocol (RDP) port.
CryptoLocker opened the new age of crypto-ransomware in 2013, and the monetary losses caused by the many strains of ransomware is said to be billions of dollars annually, more than doubling every other year. Notorious attacks include WannaCry, and NotPetya. Recent headline threats like Ryuk, DoppelPaymer and Spora are more sophisticated and have wreaked more damage than earlier versions. Even if your backup processes permit your business to restore your encrypted files, you can still be hurt by exfiltration, where ransomed data are made public. Because additional versions of ransomware crop up every day, there is no certainty that traditional signature-based anti-virus tools will block the latest attack. If threat does show up in an email, it is important that your end users have been taught to identify phishing techniques. Your last line of defense is a sound scheme for scheduling and retaining remote backups and the use of reliable restoration tools.
Contact Progent About the ProSight Crypto-Ransomware Preparedness Evaluation in Birmingham
For pricing details and to find out more about how Progent's ProSight Crypto-Ransomware Vulnerability Consultation can bolster your protection against ransomware in Birmingham, phone Progent at 800-993-9400 or visit Contact Progent.